What is Relationship-Based Access Control (ReBAC)?

ReBAC is an advanced model used for social graphs or document sharing where access depends on the relationship between users and resources, similar to Google Zanzibar.

How does this skill help with the Principle of Least Privilege?

It provides patterns for implementing fine-grained permissions and attribute-based rules, ensuring users only have the minimum access necessary for their tasks.

Which authorization model should I choose for a simple app?

For simple applications with clear job roles, Role-Based Access Control (RBAC) is usually the best balance of complexity and scalability.

Can I use this for multi-tenant applications?

Absolutely; the skill includes specific guidance on designing authorization systems for multi-tenant environments and ensuring department-level data isolation.

Does this skill provide code for specific frameworks?

Yes, the skill includes implementation examples for C# and ASP.NET Core, though the underlying architectural principles apply to any programming language.

Authorization Models & Access Control

Name: Authorization Models & Access Control
Author: melodic-software

bymelodic-software

•

Seguridad y Pruebas

Provides comprehensive architectural guidance and implementation patterns for RBAC, ABAC, ACL, and ReBAC permission systems.

Acerca de

This skill equips Claude with specialized knowledge for designing and implementing secure authorization systems across various software architectures. It covers a wide range of access control strategies—from simple Access Control Lists (ACL) and Role-Based Access Control (RBAC) to complex Attribute-Based (ABAC) and Relationship-Based (ReBAC) models. It is particularly useful for developers architecting multi-tenant applications, migrating from legacy role checks to fine-grained permissions, or implementing policy-as-code patterns like Open Policy Agent (OPA) and Google Zanzibar styles.

Características Principales

Logical decision trees for selecting the optimal access control strategy
Code examples for policy engines and attribute-based evaluation
5 GitHub stars
Deep comparison of authorization models including RBAC, ABAC, ACL, and ReBAC
Implementation patterns for hierarchical and fine-grained permissions
Guidance on multi-tenant isolation and least privilege principles

Casos de Uso

Designing relationship-based access for data ownership and resource sharing
Refactoring a simple role-based system into fine-grained ABAC for complex logic
Architecting a scalable permission system for a new enterprise SaaS application

Acerca de

Características Principales

Logical decision trees for selecting the optimal access control strategy
Code examples for policy engines and attribute-based evaluation
5 GitHub stars
Deep comparison of authorization models including RBAC, ABAC, ACL, and ReBAC
Implementation patterns for hierarchical and fine-grained permissions
Guidance on multi-tenant isolation and least privilege principles

Casos de Uso

Designing relationship-based access for data ownership and resource sharing
Refactoring a simple role-based system into fine-grained ABAC for complex logic
Architecting a scalable permission system for a new enterprise SaaS application