I have been using acl in WEB programs for user permission management. However, it is said that rbac is more powerful than acl, and I do not know where the advantage lies? I have been using acl in WEB programs for user permission management. However, it is said that rbac is more powerful than acl, and I do not know where the advantage lies?
Reply content:
I have been using acl in WEB programs for user permission management. However, it is said that rbac is more powerful than acl, and I do not know where the advantage lies?
RBAC = Role Based Access Control
ACL = Access Control List
RBAC is the name of a permission control system. ACL is the business rule in the permission system. They are not specific software or algorithms. RBAC requires ACL to work. ACL does not necessarily serve RBAC. Permission rules in other permission control systems are also called ACL.
Therefore, the two are not comparable.
In addition to RBAC, what other permission Control systems do, such as DAC-based and Dictionary Access Control for Windows?