After completing this video, you will understand alternative authorization models, including role-based and attribute-based authorization and time-of-day restrictions on authorization. You will also understand the implicit deny principle.
- [Instructor] As we wrap our discussion of authorization concepts, let's talk about a few advanced issues related to authorization in an access control system. We need to discuss the implicit deny principle, rule-based authorization, role-based authorization, and time-of-day restrictions. The implicit deny principle, otherwise known as default deny, is one of the foundational principles of access control systems. It says that anything that is not explicitly allowed should be denied.
If a computer system doesn't have explicit instructions on how to handle a situation, it should default to denying access. Firewalls are a common example of the default deny principle in action. When a firewall receives a connection request, it first consults the firewall rules to determine whether a rule explicitly addresses the situation. If the firewall finds a matching rule, it carries out the action specified by that rule. If the firewall doesn't have explicit guidance on handling the request, it blocks that connection request.
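The firewall behaviour described above, as an added Python sketch that is not part of the course material: rules are checked in order, the first matching rule decides, and a request that no rule addresses is denied. The `Rule` fields, the `evaluate` function and the sample rule set are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    source: str            # source network in CIDR notation
    protocol: str          # "tcp" or "udp"
    port: Optional[int]    # destination port, None means any port


# Constructed sample rule set (documentation address ranges only).
RULES = [
    Rule("deny",  "198.51.100.66/32", "tcp", 443),  # explicit deny for one host
    Rule("allow", "198.51.100.0/24",  "tcp", 443),  # the rest of that network
    Rule("allow", "192.0.2.0/24",     "tcp", 22),
]


def evaluate(rules, src, protocol, port):
    """Return (action, index of the matching rule or None)."""
    try:
        addr = ip_address(src)
    except ValueError:
        # Input the rules cannot address is handled like any other
        # unaddressed situation: deny.
        return "deny", None
    for index, rule in enumerate(rules):
        if (addr in ip_network(rule.source)
                and rule.protocol == protocol
                and rule.port in (None, port)):
            return rule.action, index   # first explicit match wins
    return "deny", None                 # implicit deny: nothing matched


if __name__ == "__main__":
    for request in [("198.51.100.10", "tcp", 443),
                    ("198.51.100.66", "tcp", 443),
                    ("203.0.113.5", "tcp", 443)]:
        print(request, "->", evaluate(RULES, *request))
```

A result whose rule index is `None` was blocked by the default rather than by an explicit rule, which is worth logging separately when reviewing a rule set.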
To join one of Mike's free study groups for access to bonus tips and practice questions, visit certmike.com.
- Identity and access management
- Using access cards and biometrics
- Multifactor authentication
- Password authentication protocols
- Device authentication
- Identity management life cycle
- Access control lists
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover subject/object model. In addition, the following topics were updated: registration and identity proofing, SSO and federation, and advanced authorization concepts.