Endpoint | user1 | user2 | user3 | user4 |
---|---|---|---|---|
/balance | GET | GET | GET | GET |
/transfers | | GET | GET | GET |
/transfers | | | POST | POST |
/settings | | | | PATCH |
Table 1
Table 1 shows an access control matrix for a banking website in which user1 has reporting access (can view /balance only), user2 has auditing access (read-only access to view the balance and a list of transactions), user3 has read-write access (can create transactions), and user4 has full administrative access (can change account settings).
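Endpoint | user1 | user2 | user3 | user4 |
---|---|---|---|---|
/balance | GET | GET | GET | GET |
/transfers | | GET | GET | GET |
/transfers | | POST (at least 2 of 3) | POST (at least 2 of 3) | POST (at least 2 of 3) |
/settings | | PATCH (all 3) | PATCH (all 3) | PATCH (all 3) |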
Table 2
Table 2 shows the same access control matrix, updated for a threshold-based system. As before, user1 has read-only access to view the account balance, but now at least 2 of user2, user3, and user4 must agree to create a transfer, and all 3 must agree on all settings changes.