Event Driven Applications
Review, Research, and Discussion
Why is access control important?
Access control is a layer of security that controls access to data or functionality. It is important because you want to control who has access to sensitive data and who can make changes to things.
Describe an application that would need access control.
### 1. An education application used by instructors and students to submit assignments and keep track of grades, such as Canvas. As a student, I want to be able to see my grades and assignments, but as an instructor you should be able to see everyone's grades and create assignments.
### 2. It is used in Facebook pages, where there are admins, editors, moderators and contributors, and each of these roles has different capabilities.
What is a role used for?
A role is how you assign different levels of access to different types of users (define the capabilities for each user based on that role).
Why is role based access control more scalable than discretionary or mandatory access control?
Role based access control is easily scalable because you can globally set access rules for different types of users based on their role.
### 1. Roles can be added easily.
### 2. Role actions can be modified easily and will update for all users.
### 3. Route actions can be changed easily.
Document the following Vocabulary Terms
Authorization :
### Authorization is a security mechanism to determine access levels or user/client privileges related to system resources including files, services, computer programs, data and application features. This is the process of granting or denying access to a network resource which allows the user access to various resources based on the user’s identity.
Role Based Access Control :
### Role based access control is setting permissions for what a certain type of user can do or what resources they can access based on their assigned role. Role-Based Access Control (RBAC) is a security paradigm whereby users are granted access to resources based on their role in the company. RBAC, if implemented correctly, can be an effective way of enforcing the principle of least privilege. We use it with an access control list (ACL), which contains rules that grant or deny access to certain digital environments.
Capabilities :
### The actions that a user has been granted permission to use, such as CRUD operations. A capability refers to a value that references an object along with an associated set of access rights. A user program on a capability-based operating system must use a capability to access an object. The object-capability model is a computer security model. A capability describes a transferable right to perform one or more operations on a given object. It can be obtained by the following combination: an unforgeable reference that can be sent in messages, and a message that specifies the operation to be performed.
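The role-to-capability mapping described under Role Based Access Control and Capabilities, as an added example that is not part of the original notes. The role names, the capability strings, and the `can`, `permissions` and `simulate` helpers are assumptions; the middleware follows the Express `(req, res, next)` convention and assumes an earlier authentication step has set `req.user`.

```javascript
// ACL: each role maps to the capabilities (CRUD actions) it grants.
// Role names and capability strings are assumptions for this example.
// Adding a role is one new entry; editing an entry changes every user with that role.
const ACL = Object.freeze({
  student: ['read'],
  ta: ['read', 'update'],
  instructor: ['create', 'read', 'update', 'delete'],
});

// Deny by default: a missing user, an unknown role, or an unlisted capability fails.
function can(user, capability) {
  if (!user || typeof user.role !== 'string') return false;
  // Own-property check so a role string such as "__proto__" or "constructor"
  // can never resolve to something inherited from Object.prototype.
  if (!Object.prototype.hasOwnProperty.call(ACL, user.role)) return false;
  return ACL[user.role].includes(capability);
}

// Express-style middleware factory: guards one route with one required capability.
function permissions(capability) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).json({ error: 'authentication required' });
    if (!can(req.user, capability)) return res.status(403).json({ error: 'access denied' });
    return next();
  };
}

// Constructed stand-in for Express req/res so the check runs offline.
function simulate(user, capability) {
  const outcome = { status: 200, passed: false };
  const res = {
    status(code) { outcome.status = code; return this; },
    json(body) { outcome.body = body; return this; },
  };
  permissions(capability)({ user }, res, () => { outcome.passed = true; });
  return outcome;
}

console.log(simulate({ role: 'student' }, 'read'));      // reaches the route handler
console.log(simulate({ role: 'student' }, 'delete'));    // rejected with 403
console.log(simulate({ role: 'instructor' }, 'delete')); // reaches the route handler
console.log(simulate(undefined, 'read'));                // rejected with 401
```

In a real Express app the same factory would be attached per route, after the authentication middleware.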
Preview
Which 3 things had you heard about previously and now have better clarity on?
### Event driven programming, event emitters, node events
Which 3 things are you hoping to learn more about in the upcoming lecture/demo?
### Handling listener errors, dealing with max listeners, best practices for event driven programming
What are you most excited about trying to implement or see how it works?
### a messaging system, event driven programming, dealing with multiple event listeners