What is Relationship-Based Access Control (ReBAC)?

ReBAC is an advanced model used for social graphs or document sharing where access depends on the relationship between users and resources, similar to Google Zanzibar.

How does this skill help with the Principle of Least Privilege?

It provides patterns for implementing fine-grained permissions and attribute-based rules, ensuring users only have the minimum access necessary for their tasks.

Which authorization model should I choose for a simple app?

For simple applications with clear job roles, Role-Based Access Control (RBAC) is usually the best balance of complexity and scalability.

Can I use this for multi-tenant applications?

Absolutely; the skill includes specific guidance on designing authorization systems for multi-tenant environments and ensuring department-level data isolation.

Does this skill provide code for specific frameworks?

Yes, the skill includes implementation examples for C# and ASP.NET Core, though the underlying architectural principles apply to any programming language.

Authorization Models & Access Control

Name: Authorization Models & Access Control
Author: melodic-software

bymelodic-software

•

Seguridad y Pruebas

Provides comprehensive architectural guidance and implementation patterns for RBAC, ABAC, ACL, and ReBAC permission systems.

This skill equips Claude with specialized knowledge for designing and implementing secure authorization systems across various software architectures. It covers a wide range of access control strategies—from simple Access Control Lists (ACL) and Role-Based Access Control (RBAC) to complex Attribute-Based (ABAC) and Relationship-Based (ReBAC) models. It is particularly useful for developers architecting multi-tenant applications, migrating from legacy role checks to fine-grained permissions, or implementing policy-as-code patterns like Open Policy Agent (OPA) and Google Zanzibar styles.

Características Principales

01Logical decision trees for selecting the optimal access control strategy

02Code examples for policy engines and attribute-based evaluation

035 GitHub stars

04Deep comparison of authorization models including RBAC, ABAC, ACL, and ReBAC

05Implementation patterns for hierarchical and fine-grained permissions

06Guidance on multi-tenant isolation and least privilege principles

Casos de Uso

01Designing relationship-based access for data ownership and resource sharing

02Refactoring a simple role-based system into fine-grained ABAC for complex logic

03Architecting a scalable permission system for a new enterprise SaaS application

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add melodic-software/claude-code-plugins authorization-models

For use in Claude.ai and ChatGPT

Download Skill