Access Control Mechanisms

A system for managing permissions.

Core concepts include:

1. Auditing: Keeping a record of every access attempt.
2. Hardening: Removing unnecessary accounts and permissions.
3. Vulnerability Management: Fixing flaws like Broken Access Control.
4. Least Privilege: Giving users only the minimum access needed for their job.


🧒 Explain Like I'm 5

These are the security rules that decide who can open which doors and who can see which secret documents.

🤓 Expert Deep Dive

The security of access control hinges on the 'Principle of Least Privilege' and 'Defense in Depth'. A major focus is preventing 'Lateral Movement'—where an attacker compromises a low-privilege account and uses implementation flaws to gain administrative access. Automated security testing (AST) tools are increasingly used to map permission matrices and detect 'Permissive Default' settings that might expose sensitive data. Implementation must follow the 'Fail-Closed' design pattern, where any error in the authorization logic results in access being denied rather than granted.
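The fail-closed pattern and the permissive-default check described above, as an added example that is not part of the original page. The roles, resources, policy table and function names are all constructed for illustration.

```python
# Added example: the policy table, roles and resources are constructed, not from any real system.

# Permission matrix: role -> resource -> set of allowed actions.
POLICY = {
    "admin":   {"payroll": {"read", "write"}, "wiki": {"read", "write"}},
    "analyst": {"payroll": {"read"}, "wiki": {"read", "write"}},
    "guest":   {"wiki": {"read"}, "*": {"read"}},  # wildcard grant: a permissive default
}


class PolicyStoreError(Exception):
    """Raised when the (hypothetical) policy backend cannot answer."""


def lookup(role, resource):
    """Return the actions a role may perform on a resource; raises on bad input."""
    if not isinstance(role, str) or not isinstance(resource, str):
        raise PolicyStoreError("malformed request")
    # Unknown roles raise KeyError; wildcard entries are deliberately not honoured here.
    return POLICY[role].get(resource, set())


def authorize_fail_open(role, resource, action):
    """Anti-pattern: an error in the authorization logic grants access."""
    try:
        return action in lookup(role, resource)
    except Exception:
        return True  # the error path lets the request through


def authorize_fail_closed(role, resource, action):
    """Deny by default: only an explicit, successfully evaluated grant returns True."""
    allowed = False
    try:
        allowed = action in lookup(role, resource)
    except Exception:
        allowed = False  # any failure in the check is treated as a denial
    return allowed


def permissive_defaults(policy):
    """Audit the permission matrix for grants attached to a wildcard resource."""
    return sorted((role, res) for role, grants in policy.items()
                  for res in grants if res == "*")
```

The unknown role `intern` shows the difference: the fail-open check returns True because the lookup raised, while the fail-closed check denies the same request.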

📚 Sources