Identification, Authentication and Authorization

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Identification, Authentication and Authorization
Access Control Models
OAuth 2.0 Authorization Framework
Linux Security Mechanisms
Authentication Protocols
PAM (Pluggable Authentication Modules)
FIDO and FIDO2 framework
Authentication with Trusted Third Parties / KDCs
Identity Management
Anonymity and Privacy

Powered by GitBook

On this page

Information flow models

PreviousSegregation of duties NextMultilevel security

Last updated 7 months ago

Authorization is applied to data flows.

Considering the data flow source and destination.
Goal: avoid unwanted/dangerous information flows.

Src and Dst security-level attributes.

Information flows should occur only between entities with given security-level (SL) attributes.
Authorization is given based on the SL attributes.