Effective Authorization Mechanisms: Ensuring Secure Access Control on Software Resources

Krishna Mohan Pitchikala

Abstract: Securing data against illegal access is crucial in today's digital world. Authorization mechanisms serve as gatekeepers, determining who can view, modify, or use software resources. These mechanisms restrict access to ensure that only authorized users can access specific resources, thereby protecting the integrity and safety of those resources. While the principle of least privilege is a widely accepted approach to implement access control, the choice of access control or authorization mechanisms depends on several factors, particularly on the access patterns of different users. This paper is written in such a way that it provides a comprehensive overview of authorization mechanisms, covering conventional methods such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role - Based Access Control (RBAC) along with advanced methods like Attribute - Based Access Control (ABAC) and Policy - Based Access Control (PBAC). Each of these mechanisms are detailed individually and compared together towards the end. This paper also highlights few emerging trends and new developments in authorization. This analysis aims advise about the best ways of securing information.

Keywords: data security, authorization mechanisms, access control, least privilege, access patterns