On 11/07/2018 04:37 AM, Pete Turnbull wrote:
> Not really.  You go past the bouncer as an immediate consequence of
> authorization.

I disagree. To me these are two very distinct things.

I view authorization as a low pressure yes / no answer to should this
access be allowed or not. The access control (bouncer) is the high
pressure and high risk exposed surface that people beat on to try to
force their way in.

Much like how a low base current can control a high collector current on
a transistor.

> The third 'A' is normally accounting: the bouncer notes the time you
> entered in the visitors book or logbook, and sometimes also notes the
> time you leave. Just about every network access service does this, and
> "access control" is the whole AAA thing combined.

I'll agree that accounting, or logging, is desired. But many of the
bouncers that I've seen don't do any logging (accounting) at all. They
simply enforce the decisions of other people (entities).

s/bouncer/security guard/ and I'll agree that logging (accounting) is
typically done.

Does a turnstile do any logging? Or does it simply allow somebody
through if they provide the token?

> Have you ever seen a system that confirmed authentication and
> authorisation but then denied access (other than through a fault)?

My ignorance does not preclude such from existing.

Think about someone approaching a checkpoint:

1) They must authenticate themselves.
2) They must be authorized to pass.
3) The retractable tank traps (meant to be robust enough to stop a
   speeding car) must be retracted.

#3 is the access control that is independent of #1 & #2 as well as takes
time to move.

I view the access control as the physical (or logical) barrier that
allows or prevents things based on input of others.

> Denying access would be by a (possibly temporary) denial of authorisation.

I disagree. You are still authorized. You are still permitted to do
$theThing.

Reusing the tank trap comparison, does the driver's authentication or
authorization status change between the time the guard says "Okay" and
the time the driver leaves the checkpoint?

The access control takes time to execute, namely the time it takes the
guard to initiate retracting the tank trap and the time it takes for the
tank trap to retract. This entire time the driver is still authenticated
and still authorized. But access is still being prevented.

--
Grant. . . .
unix || die