Even for seasoned software developers, wading into the world of IAM (Identity & Access Management) and Access Control can be a bit intimidating. You need to consume a generous portion of alphabet soup: RBAC, ABAC, PBAC… then you must wrap your head around the complexities of roles, permissions and so on.
But at its core, access control is something anyone can understand. The phrase “access control” just refers to application mechanisms that govern what each user can (or cannot) see and do.
Here are 5 features many people encounter every day that are access control… they just didn’t know it. Or they knew, but forgot.
When Jack goes to Amazon.com, he sees product recommendations, past orders and so on. When Jill goes to Amazon, she sees her own recommendations and orders — not Jack’s. App builders usually refer to this as “personalization” but mechanically, it is just access control — code that ensures Jack sees his own data and cannot see Jill’s (or anyone else’s).
4. Parental Controls
When you set up a PIN on Netflix so your kids cannot watch so-called “adult” content, you are in essence creating access-control roles. In code, there’s little difference between “Administrator / Regular User” and “Parent / Child.”
3. Mobile App Permissions
When you install an app on Android or iOS, you often see a screen listing all the stuff the app wants to access on your device: GPS, your camera, SD card and so on. You’re the boss here — the app is asking you to grant permissions — but it’s still access control.
2. Hotel keycards
In many modern hotels — especially those catering to business travelers — your room is opened with a keycard. The reusable card is programmed at check-in by a “card writer” connected to the room-management software. In some systems, the card can be programmed to open any combination of rooms — your own room and the gym, for instance. Thanks to these cards, Access Control can treat a physical resource as if it were a software feature.
1. Network Firewalls
Firewalls can be software — like the venerable but still serviceable iptables in Linux — or they can be devices, from your garden-variety home router to industrial-strength systems from the likes of Cisco. All of them, however, do roughly the same thing: govern which data packets get through from one network to another, where they can come from and where they can go. Access control, again.
At Hubrix, we strive to define access control in the broadest possible terms. While we recognize the five examples above are distinct use cases, we believe the time has come to implement them as different facets of a common core feature set. That is what we are trying to do with Hurima.