也就是说,通过欺骗在组织中工作的人员,攻击者可以获得权限以访问他们本不应该访问的系统和信息。
That is, attackers are often able to gain access to systems and information to which they should not have access by tricking the human beings that work for an organization.
因此,权限是通过将人员与业务对象上的角色相关联来授予的。
Thus, authorization is granted by associating a person with a role on a business object.
这些系统对文件进行加锁,这样在某个时间只有一个开发人员对中心仓库具有写入权限。
These systems lock files so that only one developer has write access to the central repository at a time.
应用推荐