Lecture

Access Control Policies: Authentication and Authorization

Description

This lecture delves into access control policies, focusing on authentication and authorization mechanisms. The instructor discusses the importance of differentiating between subjects, objects, and operations, emphasizing the principles of least privilege and the UNIX philosophy. Various authentication methods such as passwords, biometrics, and one-time passwords are explored, along with the concepts of role-based access control (RBAC), discretionary access control (DAC), and mandatory access control (MAC). The lecture also covers the challenges and trade-offs associated with biometrics, OAuth, and Kerberos, highlighting the need for secure and user-friendly authentication protocols.

About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.