Skip main navigation


Authorization is needed to enforce security and manage permissions. Learn more about how this is addressed.

Let’s wrap up what you have learned.

  • Any access to resources using an identity should be authenticated, and beyond that authentication, we need ongoing authorization. This is needed to enforce security and accounting with each attempt to use a privilege, whether the attempt is successful or not. The security kernel ensures ongoing authorization for all transactions within an operating system. This security kernel model is common to all modern operating systems.

  • A number of access control models exist within discretionary access control, mandatory access control, and role-based access control. Role-based access control remains the most popular. DAC, MAC, and RBAC are the most commonly known models. Attribute-based access control is the next-generation access control model, and is gaining in popularity.

This article is from the free online

Cyber Security Foundations: Identity and Access Management

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now