Today, I’m going to share with you a practical application of binary control in personnel permission management, which happens to be the very first project I tackled and the technology that we used.
CRUD, which stands for Create, Read, Update, and Delete, are four common actions in computer systems (for more details, please refer to Wikipedia).
In this article, we will use these four actions to illustrate personnel permission control.
You can see that from right to left, each digit represents the actions of CRUD and the binary digit. For example, C corresponds to 1, R corresponds to 2, and so on.
( 20 = 1, 21 = 2, 22 = 4, 23 = 8)
Binary Logic Operations
Before we begin, it’s important to understand some logical operations used in binary calculations.
- AND: returns 1 only if both operands are 1; otherwise, returns 0.
- OR: returns 1 if either operand is 1; otherwise, returns 0.
- XOR: returns 1 if the operands have opposite values; otherwise, returns 0.
Don’t forget to take notes, you never know when binary calculations will come in handy. Now let’s dive into Henry’s story!
The Binary Battle: Henry’s Quest for Permissions
#1. Permission Control – Configuration
Henry is a senior banking business department specialist with the following permissions: ‘Read’ and ‘Create’, represented in binary as 0011.
As for the U and D permissions, they are not granted to him, so both are set to 0.
(When represented in binary, “0011” corresponds to the decimal number 3.)
#2. Permission control – Judgement
One day, a mysterious man in black approached Henry and asked him to adjust his account balance for a large sum of money if he succeeded.
Henry logged into the backend to try and modify the data, knowing full well that he did not have the necessary permissions.
To determine whether permission is granted, we use AND to perform the calculation ➜ Both must be 1 to be 1 (binary calculation).
Binary calculation can be directly represented in SQL and similar operations exist in other programming languages. The result of the calculation is 0, which means the operation failed.
If successful, the result should be ( binary : 0100 ➡ Decimal number : 22 = 4 ).
#3. Permission Control – Addition
Unable to meet the demands of the man in black, Henry had to directly approach the network administrator and requested all permissions at once.
After some persistent persuasion, the network administrator finally agreed to add “U Modify” and “D Delete” permissions for him.
To add permissions, we need to use the binary OR operator to combine them.
#4. Permission Control – Removal
With all the permissions, Henry was able to manipulate the account balance, helped the man in black and received a large sum of money. However, the truth eventually came to light during an internal financial audit.
As Henry had made some contributions, the boss decided to leave him with the “R Read” permission only.
As we can see, using the XOR binary calculation method, Henry is left with only the ‘R Read‘ permission (binary : 0010 ➡ Decimal number : 21 = 2) after the processing.
What’s Next for Henry?
Although Henry failed to control the permissions this time, no one could have predicted what other nefarious schemes he had in mind. Will he continue to exploit his access and manipulate the system for his own gain, or will he eventually realize the error of his ways and turn over a new leaf? Only time will tell…
In conclusion, the story of Henry serves as a reminder of the importance of maintaining strong security measures and the potential risks of unethical behavior.
🧡You can support me by clicking some ad, Thanks a lot
✅If you got any problem about the explanation, please feel free to let me know