Software Architecture and Decision-Making by Srinath Perera;
Author:Srinath Perera;
Language: eng
Format: epub
Publisher: Pearson Education (US)
Published: 2024-02-15T00:00:00+00:00
Letâs look first at attribute-based authorization, where authorization is defined as rules based on the userâs attributes. For example, a bankâs rule may say that a user can create a regular account only if the user is older than 18 years. Often, an IDP provides tokens that assert the attributes, and the applications use the tokens to authorize. How to support a what-are-my-resources query is not clear in this instance.
Furthermore, it is possible to use a fully token-based approach, where we issue users tokens explaining what they can do, and the users send them back when they want to interact with the system. The primary advantage of this model is that itâs decentralized; tokens issued by trusted IDPs can give rise to a rich security landscape. However, a token-based approach poses several challenges.
In this approach, the user needs to store and manage those tokens, which is harder from the userâs perspective. The user might inadvertently (or maliciously) give those tokens to outsiders. Revoking permissions is also complicated. Finally, supporting a what-are-my-resources query is difficult.
These complex authorization models are implemented using XACML (Extensible Access Control Markup Language) or Open Policy Agent (OPA), but you should seek help from a security architect if adapting these models. Next, letâs focus on where to place the authorization logic.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
AI & Machine Learning | Bioinformatics |
Computer Simulation | Cybernetics |
Human-Computer Interaction | Information Theory |
Robotics | Systems Analysis & Design |
Algorithms of the Intelligent Web by Haralambos Marmanis;Dmitry Babenko(7865)
Hadoop in Practice by Alex Holmes(5665)
Jquery UI in Action : Master the concepts Of Jquery UI: A Step By Step Approach by ANMOL GOYAL(5518)
Life 3.0: Being Human in the Age of Artificial Intelligence by Tegmark Max(4524)
Functional Programming in JavaScript by Mantyla Dan(3727)
The Age of Surveillance Capitalism by Shoshana Zuboff(3435)
Big Data Analysis with Python by Ivan Marin(3109)
Blockchain Basics by Daniel Drescher(2900)
The Rosie Effect by Graeme Simsion(2716)
WordPress Plugin Development Cookbook by Yannick Lefebvre(2629)
Test-Driven Development with Java by Alan Mellor(2578)
Hands-On Machine Learning for Algorithmic Trading by Stefan Jansen(2546)
Applied Predictive Modeling by Max Kuhn & Kjell Johnson(2490)
Dawn of the New Everything by Jaron Lanier(2443)
Data Augmentation with Python by Duc Haba(2425)
The Art Of Deception by Kevin Mitnick(2305)
The Infinite Retina by Robert Scoble Irena Cronin(2282)
Principles of Data Fabric by Sonia Mezzetta(2246)
Rapid Viz: A New Method for the Rapid Visualization of Ideas by Kurt Hanks & Larry Belliston(2206)