Alex Xu
Sep 14 • 8 tweets • 2 min read
1/ How do we design a permission system? The diagram below lists 5 common ways. 👇 [Image]
2/ 1. ACL (Access Control List)

ACL is a list of rules that specifies which users are granted or denied access to a particular resource.

Pros - Easy to understand.

Cons - error-prone, maintenance cost is high
3/ 2. DAC (Discretionary Access Control)

It grants or restricts object access via an access policy determined by an object's owner group.

Pros - Easy and flexible. Linux file system supports DAC.

Cons - Scattered permission control, too much power for the object's owner group
4/ 3. MAC (Mandatory Access Control)

Both resource owners and resources have classification labels. Different labels are granted different permissions.

Pros - strict and straightforward.

Cons - not flexible.
5/ 4. ABAC (Attribute-based access control)

Evaluate permissions based on attributes of the Resource owner, Action, Resource, and Environment.

Pros - flexible

Cons - the rules can be complicated, and the implementation is hard. It is not commonly used.
6/ 5. RBAC (Role-based Access Control)

Evaluate permissions based on roles

Pros - flexible in assigning roles.
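
The five models side by side, as an added example that is not part of the original thread: one requester and one resource, each model reaching its own decision with default-deny. All names and data are hypothetical; "subject" means the requester, MAC is reduced to a single read rule, and DAC is shown with one owner rather than an owner group.

```python
from dataclasses import dataclass, field

LEVELS = {"public": 0, "internal": 1, "secret": 2}             # MAC labels, low to high
ROLE_PERMS = {"viewer": {"read"}, "editor": {"read", "write"}}  # RBAC role -> actions

@dataclass
class Subject:
    name: str
    roles: set = field(default_factory=set)
    clearance: str = "public"
    department: str = ""

@dataclass
class Resource:
    owner: str
    label: str = "public"
    department: str = ""
    acl: dict = field(default_factory=dict)  # user name -> allowed actions

def acl_allows(s, action, r):
    # ACL: explicit per-user entries on the resource; no entry means deny.
    return action in r.acl.get(s.name, set())

def dac_grant(granter, r, user, actions):
    # DAC: the owner decides who gets access, by editing the resource's ACL.
    if granter.name != r.owner:
        raise PermissionError("only the owner can grant access")
    r.acl.setdefault(user, set()).update(actions)

def mac_allows(s, action, r):
    # MAC (simplified): reads only, and the clearance must dominate the label.
    return action == "read" and LEVELS[s.clearance] >= LEVELS[r.label]

def rbac_allows(s, action, r):
    # RBAC: the decision depends only on the roles the subject holds.
    return any(action in ROLE_PERMS.get(role, set()) for role in s.roles)

def abac_allows(s, action, r, env):
    # ABAC: one rule over subject, action, resource and environment attributes.
    return s.department == r.department and action in {"read", "write"} and 9 <= env["hour"] < 18

def demo():
    # Constructed sample: alice (viewer, internal, finance) vs. bob's secret finance report.
    alice = Subject("alice", {"viewer"}, "internal", "finance")
    report = Resource("bob", "secret", "finance")
    dac_grant(Subject("bob"), report, "alice", {"read"})
    return {"acl": acl_allows(alice, "read", report),
            "mac": mac_allows(alice, "read", report),
            "rbac": rbac_allows(alice, "write", report),
            "abac": abac_allows(alice, "write", report, {"hour": 10})}
```

The same read request passes the owner-granted ACL but fails the label check, which is why a system that layers these models has to define which decision wins.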
7/ Over to you: Which type of permission systems have you used?

Join a growing community of more than 100,000 readers who love System Design. Subscribe here:

bit.ly/3ysfTqW
8/ I hope you've found this thread helpful.

Follow me @alexxubyte for more.

Like/Retweet the first tweet below if you can:
