You wouldn’t think that books discussing agronomics would have much to say relevant to Organizational Structure, IT Management or Knowledge Management. You’d be wrong, of course, but you can see how people would think that. I’d like to show how some of the ideas being debated in the agricultural industry’s fringes can illuminate our own issues. James C. Scott, in …
Teesside Confidentiality Model as presented at SACMAT
this year. Regretfully, I didn’t attend but I have been pouring through the proceedings. As I promised months ago, this post highlights some of the more interesting points for those of us doing access control technologies for software systems.
Role Based Access Control (RBAC) vs. Access Control Lists (ACLs)
Executive Summary From a security perspective, RBAC always provides superior security to ACLs. However, there are places where the cost of using RBAC would be too high. These include: the security of Windows file systems, Oracle/Sybase/SQL Server DBA and employee-specific functions such as where an employee manages his or her own 401(k). Developers should use RBAC in almost all cases. …