FAQ Database Discussion Community


Authorization Model: Context of Role?

security,authorization,claims-based-identity,abac,role-based-access-control
I am currently attempting to design an Authorization Model that has the following components: Privileges - an action that can either be granted or denied to a user/group Roles - a collection of privileges; roles can be associated with a user or group Security Objects - the entity to which...

Is that a bad design for access control database?

sql,database-design,access-control,role-based-access-control
I'm a simple system in PHP and codeigniter and need a simple but better way to manage users and their access to the system. So after some search I found interesting topics about access control but I'm still in doubt about if that's a good approach or not. The role...