Database Security :Access Control
authentication 认证, authorization 授权, access control 访问控制
These three mechanisms are distinctly different but usually used in combination with a focus on access control for granularity in assigning rights to specific objects and users.
Generally, access control is defined in three ways:
- Mandatory Access Control (MAC) 自主存取控制
- Discretionary Access Control (DAC) 强制存取控制
- Role Based Access Control (RBAC) 基于角色的存取控制
Grant
Revoke
Role
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
A right is something you are born with, and you will die with, granted to you by your “Creator”.
A privilege is granted to you by the King, General, Church, or the State, and may be revoked at any time, if one loses favour.
This is usually caused by a failure “consider the king”, a failure to pay the “royalty”, tax, indulgence, tithe, license fee, etc.
So-called “Civil Rights” are by definition, conveyed by positive law, and thus are more akin to privileges than to natural rights.
So-called “Civil Liberties” are by definition natural immunities to government interference, and are thus are more akin to proper natural rights. Rights exist before, and are thus superior to, privileges.
