Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Access Control Policies: Authentication and Authorization
This lecture delves into access control policies, focusing on authentication and authorization mechanisms. The instructor discusses the importance of differentiating between subjects, objects, and operations, emphasizing the principles of least privilege and the UNIX philosophy. Various authentication methods such as passwords, biometrics, and one-time passwords are explored, along with the concepts of role-based access control (RBAC), discretionary access control (DAC), and mandatory access control (MAC). The lecture also covers the challenges and trade-offs associated with biometrics, OAuth, and Kerberos, highlighting the need for secure and user-friendly authentication protocols.