Entity Access Matrix

Also called Access Control Matrix or Capability Security Matrix. This is formal specification for a security model for governing the access and protection of Entities or Assets in the form of information or functional processes within a computer system. These matrix appear in several forms.

These might be data resources, usecase, or systems.

  • Define Allowed or Denied
  • CRUD : Create, Read, Update Delete
  • Program : Read, Write, Execute, Own
eCommerce Absent Credentials Invalid Credentials Valid Credentials
Home Page Allowed Allowed Allowed
Login Allowed Denied Allowed
Order Denied Denied Allowed
Record DBA Manager Operator
Create Allowed Allowed Denied
Read Allowed Allowed Allowed
Update Allowed Allowed Denied
Delete Allowed Denied Denied
octalPermission Read Write Execute
6read and write110
5read and execute101
4read only100
3write and execute011
2write only010
1execute only001

entity_access_matrix.txt ยท Last modified: 2013/03/05 10:42 by Martin Spamer