O'Reilly logo

Web Security by Hanqing Wu, Liz Zhao

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 10

Access Control

Permission is frequently mentioned in the field of security. It is actually a kind of capacity. The reasonable allocation of permission has always been the core issue of safety design.

Permission will be referred to as access control in this chapter. In the field of Internet security, in particular web security, permission control can be attributed to the issue of access control.

10.1 What Can I Do?

In Chapter 9, we discussed the difference between authentication and authorization. Certification is answering the question “Who am I?”; authorization is answering the question “What can I do?”

Permission control or access control is widely used in various systems. Abstractly, it is the subject of some object that is needed ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required