The security mechanism determining and enforcing what authenticated users are authorized to do within a computer system. The dominant forms of authorization are DAC, MAC and RBAC. DAC (Discretionary Access Control) manages access using ACL (Access Control Lists) on each resource object where users are listed along with the permissions or privileges granted or denied them. MAC (Mandatory Access Control) manages access using labels of classification or clearance on both subjects and objects, and only those subjects with equal or superior clearance are allowed to access resources. RBAC (Role Based Access Control) manages access using labels of a job role that has been granted the permissions and privileges needed to accomplish a specific job or role.
Published in Chapter:
Cybersecurity in Europe: Digital Identification, Authentication, and Trust Services
Joni A. Amorim (Universidade Estadual de Campinas (UNICAMP), Brazil), Jose-Macario de Siqueira Rocha (Universitat de València, Spain), and Teresa Magal-Royo (Universitat Politécnica de València (UPV), Spain)
Copyright: © 2021
|Pages: 19
DOI: 10.4018/978-1-7998-6975-7.ch002
Abstract
Information security is increasingly necessary between citizens and public services. In a nearby environment, such as cities, there are digital services and infrastructures that help improve our quality of life. Secure access to services must be regulated and offer trust to the user. Initiatives like the Regulation from European Union, (EU) N° 910/2014 of the European Parliament and the Council intend to favour solutions for problems like interoperability and cybersecurity. In this chapter, two European countries are considered so that implementations of the electronic identification, authentication, and trust services are presented and discussed. The main contribution is a description of relevant European projects, a first step necessary to propel further research on this topic. The chapter also presents the current challenges for the consolidation of the technology used and for the adaptation of the electronic services offered by public administration bodies to citizens.