This session covers access control. Access control is an essential part of every application that manages data of any value. However, access control is also complex and hard to get right, both from a development and management point of view.
In this session, we first explore the concept and goals of access control in general. We then discuss the different models that exist in practice and in literature to reason about access control. We then investigate different approaches of how to enforce access control in an application. Overall, this sessions aims to provide deeper insights into access control in order to better reason about it and implement it correctly and efficiently.
Learning objectives
- Understand the goal of access control.
- Understand the process of access control.
- Learn about existing and emerging models to reason about access control.
- Learn about different approaches to implement access control, their advantages and limitations.
- Be aware of upcoming evolutions and how to prepare for them.