The Guide
Explain It Like I'm 5Information SecurityAccessability

Permissions

What's the purpose of permissions?

Purpose

Permissions are meant to enforce controls on any identity actions (Yes, even your own computer has it's own user identity - and not just one) and that's how we make sure that no one would be able to do something they're not supposed to (permissions extend all the way to your hardware, even your application has it's own set of permissions on the operating system and system memory)

Different Implementations Of Permission Management

Same Foundation

At the end of the day, all permission (access control) mechanisms do the same job - decide if you have read / write / execute permissions

The main differences are:

  1. How modular those permissions are - How deep can you go into specific permissions
  2. Labeling standards - Different systems can call the same kind of permissions in a different name such as Viewer on one system and Read-Only on the other

Note: Be aware that there are systems that are deeply customizable meaning you can create new permission group / role and give it the exact permissions you need while other systems just give you a narrower set of options to choose from - This highly depends on the systems developers

RBAC

Role based access control or RBAC for short is a form of permission control that uses roles as it's way of managing permissions

Examples:
  • Read only permissions can be labeled as Viewer
  • Read Write permissions can be labeled as Editor
  • Access to manage the system settings but without access to the systems actual content can be labeled as Config Admin

ACL

Authorization

What's authorization and how is it different from authentication?

Encryption

What's encryption and why do we need it?

On this page

PurposeDifferent Implementations Of Permission ManagementSame FoundationRBACExamples:ACL