Accountability is Cheaper than Access Control


Jon Udell writes about using accountability to augment access control. Jon is working from Dan Geer's script. Dan has said that accountability scales linearly while access control scales at least as the square. For many applications, simply being able to audit what's happened to a resource (who accessed it, where was it sent, etc.) is sufficient and that's a lot cheaper than trying to build access control lists for every resource in your enterprise.


Please leave comments using the Hypothes.is sidebar.

Last modified: Thu Oct 10 12:47:21 2019.