|
Role Based Access Control for .NET Applications
sponsored by Novalys
|
|
|
Posted:
|
03 Jul 2008
|
|
Published:
|
02 Jul 2008
|
|
Format:
|
PDF
|
|
Length:
|
10
Page(s)
|
|
Type:
|
White Paper
|
|
Language:
|
English
|
|
|
ABSTRACT:
The objective of this document is to provide the reader with useful information about designing and creating a Role Based Access Control system (RBAC). An RBAC system provides three types of features: Authentication, Authorization and Audit:
- Authentication: This confirms the user's identity: It consists of checking the identity of the user of your application. Actually, this is a two step process: First, identification, which consists of stating who you are; and then authentication, which consists of proving who you are. This is usually done via user accounts and passwords. This is the first level of security.
- Authorization: Authorizations define what a user can do in an application: Basically, you define what the user is allowed to see, do and modify in the application.
- Audit: Keep track of sensitive transactions in the application: You may need auditing features to comply with business rules specific to your company, with legal requirements like SOX or certification processes like ISO.
|
|
|
|
 |
BROWSE RELATED
RESOURCES
Access Control | Application Security | Authentication | Endpoint Security | Password Management | Password Management Software
|
View All Resources
sponsored by Novalys
|
|
|
|
|
Cramsession Research Library Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy. cramsession@bitpipe.com
|
