Best practices for user access

This article seems somewhat related. More of a use case than best practices but good to keep in mind. http://searchsecurity.techtarget.com/tip/User-provisioning-best-practices-Access-recertification

Here’s another article on the importance of good user access control : https://esj.com/articles/2007/03/27/access-control-10-best-practices.aspx?m=1

More best security practices : https://www.owasp.org/index.php/Access_Control_Cheat_Sheet#tab=Introduction

XACML stands for “eXtensible Access Control Markup Language” not sure if it helps me at all or if it’s been adopted at all but it might be interesting to see how that language looks. https://en.m.wikipedia.org/wiki/XACML

Todo: How does windows do it?

Todo: How do other apps do it?

Advertisements