Chapter 11 Authorization

Authorization: which resources an authenticated user (entity) is allowed to use, and how.
Expressed as the entity's privileges.
Privileges are assigned to an entity based on what that entity needs in order to use the information (need-to-know / need-to-do).
Authorization gives the ability to control the actions of a user after authentication has established who the user is.

Least privilege: a process (or user) should not have more privilege than is required to perform its task. Deny by default; grant only what the task needs, for only as long as it is needed.

Separation of duties: different steps of a sensitive operation require different privileges, granted to different people, so that no single person can complete the whole operation alone (eg. the person who requests a payment is not the one who approves it).

Administrator account: unrestricted access, unlimited privileges. Attractive target for attackers. Instead, assign specific administrative authorizations to individual named accounts, which allows individual accountability and a more granular distribution of authorizations. No shared accounts: actions from a shared account cannot be attributed to one person.

Granularity of authorizations:
coarse-grain (eg. per file, enforced by the OS): creation, deletion, modification, utilization (eg. execute), access (read the attributes), manage (change the authorizations themselves)
fine-grain (eg. per record or per field, usually enforced by the application or DBMS, since the OS only sees the file)

Authorizations granted to groups (easier to administer, one grant covers many users) or to individuals (more precise, more to maintain).

Centralized (one authority defines all authorizations, consistent policy) or distributed (resource owners define authorizations locally, more flexible but harder to audit) management of authorizations.

Authorization as resource-based (authorizations attached to the resource, eg. an access control list on a file) vs. role-based (authorizations attached to a role, users assigned to roles). List-based (explicit list of who may do what) vs. rule-based (a rule evaluated at request time, eg. "the approver must not be the requester").

Authorization server: an integrated enterprise authorization service requires that every function that needs a privilege ask a centralized authorization service whether the privilege should be granted, rather than each application deciding on its own. One place to define, enforce and audit policy; also a single point of failure and a high-value target.
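To make the distinctions above concrete (least privilege, separation of duties, individual admin accountability, coarse-grain operations, group vs. individual grants, resource/list-based vs. role-based vs. rule-based authorization, and a central authorization server that all requests go through), here is a small toy authorization service. It is an added example written for these notes, not code from the chapter; all users, roles, records and the payroll file are constructed for illustration.

```python
"""Toy centralized authorization service (added example, not from the notes).

Every request goes through AuthzServer.decide(), which denies by default, looks
for a grant in a resource ACL (list-based, individual or group principal) or in a
role (role-based), and then lets rules (rule-based) veto the grant. All names,
roles and resources below are constructed for illustration.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatchcase

# coarse-grain operations, roughly what an OS can enforce per file
COARSE_OPS = {"create", "delete", "modify", "execute", "access", "manage"}

# accounts whose actions cannot be attributed to one person (constructed)
SHARED_ACCOUNTS = {"root", "admin"}


@dataclass
class Request:
    subject: str
    op: str
    resource: str                      # "file:/payroll.csv" or "record:payment/42"
    context: dict = field(default_factory=dict)


@dataclass
class AuthzServer:
    user_roles: dict     # individual -> list of roles (group-style grants)
    role_perms: dict     # role -> {(op, resource glob)}         role-based
    acls: dict           # resource -> {principal: {ops}}        resource-based, list-based
    rules: list          # [(name, predicate(Request) -> bool)]  rule-based, veto only

    def principals(self, subject):
        # an ACL entry may name the individual or one of the groups/roles they hold
        return {subject, *self.user_roles.get(subject, ())}

    def acl_allows(self, req):
        entries = self.acls.get(req.resource, {})
        return any(req.op in entries.get(p, ()) for p in self.principals(req.subject))

    def role_allows(self, req):
        for role in self.user_roles.get(req.subject, ()):
            for op, pattern in self.role_perms.get(role, ()):
                if op == req.op and fnmatchcase(req.resource, pattern):
                    return True
        return False

    def decide(self, req):
        """Return (allowed, reason). Deny by default: a grant must exist, and
        every rule must agree; rules can only narrow what lists and roles grant."""
        if req.op not in COARSE_OPS:
            return False, "unknown operation"
        if not (self.acl_allows(req) or self.role_allows(req)):
            return False, "no grant"
        for name, rule in self.rules:
            if not rule(req):
                return False, f"denied by rule {name}"
        return True, "ok"


def separation_of_duties(req):
    """The approver of a payment record may not be the user who requested it."""
    if req.context.get("action") != "approve":
        return True
    return req.context.get("requester") != req.subject


def individual_accountability(req):
    """Every authorized action must be attributable to a named individual."""
    return req.subject not in SHARED_ACCOUNTS


def build_demo_server():
    return AuthzServer(
        user_roles={"alice": ["clerk"], "bob": ["approver"],
                    "carol": ["clerk", "approver"], "dave": ["payroll-admin"],
                    "root": ["payroll-admin"]},
        role_perms={
            "clerk": {("create", "record:payment/*"), ("access", "record:payment/*")},
            "approver": {("modify", "record:payment/*"), ("access", "record:payment/*")},
            # admin authorization scoped to one application, not "unlimited"
            "payroll-admin": {("manage", "record:payment/*"), ("manage", "file:/payroll.csv")},
        },
        # per-file ACL: one individual grant, one group grant
        acls={"file:/payroll.csv": {"alice": {"access"}, "approver": {"access"}}},
        rules=[("separation_of_duties", separation_of_duties),
               ("individual_accountability", individual_accountability)],
    )


if __name__ == "__main__":
    s = build_demo_server()
    approve = {"action": "approve", "requester": "carol"}
    for req in [Request("alice", "create", "record:payment/42"),
                Request("alice", "delete", "record:payment/42"),
                Request("carol", "modify", "record:payment/42", approve),
                Request("bob", "modify", "record:payment/42", approve),
                Request("root", "manage", "file:/payroll.csv"),
                Request("dave", "manage", "file:/payroll.csv")]:
        print(req.subject, req.op, req.resource, "->", s.decide(req))
```

Note that carol holds both the clerk and approver roles, so a purely role-based check would let her approve her own payment; only the rule-based separation-of-duties check catches it. Likewise the shared root account has a valid role grant but is vetoed because its actions could not be attributed to an individual.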

Outside intruder: has no authorization and tries to gain it in order to achieve a goal.
Inside intruder: already has authorization, often more than the task requires (which is why least privilege and separation of duties matter).