From the course: Writing Secure Code in iOS by Infosec

Authorization

Now let's talk about authorization. You've authenticated your users. Now what are you going to let them do? What is access control? This is something that you should require in every app if the app has different kinds of users, or login functionalities, which would prevent non-users from accessing resources, like you have to log in before you can see something. It has, of course, two primary components. Authentication, proving who you are, and authorization, getting permission to do something after you have already successfully authenticated.

An access control list, or ACL, is the most common implementation of access control. It's usually a list of permissions that are attached to an object. And typically, it's done as a table or a matrix that matches up users or groups to their assigned privileges. So some people can read, some people can write, some people can't do anything, some people can do everything. Some people have all privileges. And that is up to you, the designer and the…
