D3FEND does not separate authentication and authorization explicitly. There is overlap between authorization and other columns, as a lot has to do with permissioning and hardening.
Credential Countermeasures, Authentication Countermeasures, and Authorization Countermeasures would be an interesting set of columns and could be worthy of a discussion. It could reduce future additions as they may be encapsulated within ones created and should be able to apply to most types of objects (network devices, endpoints, servers, etc.). In other words, potentially reduce the risk of repeating the same countermeasure in multiple places for just different things.
Authorization to resources may be broken down into manual and dynamic.
Dynamic Provisioning would be related to ABAC/SDN
Manual Provisioning may include DAC, MAC, RBAC, etc.
Digital Policy Rules (may affect Manual and/or Dynamic authorization)
Dynamic Provisioning/Deprovisioning (no human intervention)
Static Provisioning/Deprovisioning (not real-time)