Sathiya Rajendhran

Top Stories by Sathiya Rajendhran

Defining "who sees what" and "who does what" are the two important aspects of access control in any software application. "Security" is a much larger subject, but this article focuses on just the access control aspects of security in a software application.

The Older Paradigm: Roles and Page-Level Access Controls

When you build a custom application for a specific customer, the access control policies of the organization are often defined upfront as part of the requirements phase. Depending on the vertical, domain and specific organizational structure of the business, the roles are defined first. Each role is then given access to a set of screens, forms, pages and reports. What role A sees might be different from what role B sees. What role A can do could be different from what role B is allowed to do. Of course, certain areas in the application can be accessed...