|
Role-Based Access Control (RBAC)
|
- Assigns permissions based on predefined user roles (e.g., Admin, Editor, Viewer)
- Simplifies access management by grouping permissions
- Ideal for applications with clear and stable role definitions
- Makes permission allocation straightforward and easy to maintain
|
|
Attribute-Based Access Control (ABAC)
|
- Grants access based on user or environmental attributes
- Examples: location, time of access, device type
- Provides dynamic and context-aware access control
- More flexible than RBAC
- Well-suited for applications requiring fine-grained, situational permissions
|
|
Access Control Lists (ACLs)
|
- Define permissions per individual resource
- Allow highly granular control over access
- Each file, record, or object can have its own access rules
- Useful for resource-level permission management
|
|
Policy-Based Access Control (PBAC)
|
- Uses centralized policies to determine access
- Can evaluate multiple factors simultaneously
- Supports both RBAC and ABAC
- Ideal for complex systems with detailed access requirements
- Especially useful in microservices architectures due to layered control
|