docs: add notes on ABAC and weakness of RBAC

author: mo khan <mo@mokhan.ca> 2025-03-17 14:45:41 -0600
committer: mo khan <mo@mokhan.ca> 2025-03-17 14:45:41 -0600
commit: 94d084a51172b7e3851779e9e052435084d4abfe (patch)
tree: 2af690135fe184c34dedec7f34447fb12092ed40 /doc/share/authz/ReBAC.md
parent: f9168083b787118af5577015a3c7f9efa63c8e80 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/share/authz/ReBAC.md b/doc/share/authz/ReBAC.md
index 17d51a2..9202e0c 100644
--- a/doc/share/authz/ReBAC.md
+++ b/doc/share/authz/ReBAC.md
@@ -42,6 +42,11 @@ is fundamental to ReBAC (e.g. friend of friend).
 Recently, researchers have proposed extended ReBAC models applicable to other
 computing systems beyond OSNs.
 
+Most ReBAC models consider `user-to-user` and possibly `user-to-resource`
+relationshps. Very few consider `resource-to-resource` relationships. Models
+that consider `resource-to-resource` relationships typically do so through
+users.
+
 ## Access Control Policies
 
 Let `U` be the set of all users in the system.
author	mo khan <mo@mokhan.ca>	2025-03-17 14:45:41 -0600
committer	mo khan <mo@mokhan.ca>	2025-03-17 14:45:41 -0600
commit	94d084a51172b7e3851779e9e052435084d4abfe (patch)
tree	2af690135fe184c34dedec7f34447fb12092ed40 /doc/share/authz/ReBAC.md
parent	f9168083b787118af5577015a3c7f9efa63c8e80 (diff)