Role Based Access Control
From MgmtWiki
Full Title or Meme
The ability to use the role of the user to control access to resources.
Context
- Created to simplify the process of controlling access by a large number of users to a large number of different access regimes.
- RBAC system administrators control what users can do with specific IT resources, and which areas they have access to. It is simple to implement since there are only three basic rules to keep in mind: "Role Assignment" (a user can exercise a permission only if they have been assigned a role), "Role Authorization" (a user's active role must be one they are authorized to hold), and "Permission Authorization" (a user can exercise a permission only if it is authorized for their active role).
- With RBAC the process of assigning employees to roles and the process of assigning assets (permissions) to roles are decoupled, so that users can change roles and automatically change the resources that are available to them.
- One important effect of that is that when an employee is terminated, all of their roles are removed, which means all of their accesses are terminated at the same time.
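As an added illustration that is not part of this wiki page, the following small Python model applies the three rules above: users get roles, roles get permissions, a role must be activated before it confers access, and terminating a user revokes everything in one step. The users, roles and permissions are constructed sample values.

```python
"""Minimal RBAC model: role assignment, role authorization, permission authorization."""
from dataclasses import dataclass, field


@dataclass
class Rbac:
    # role -> set of permissions, written as "action:resource" (constructed format)
    role_perms: dict = field(default_factory=dict)
    # user -> set of roles assigned to that user
    user_roles: dict = field(default_factory=dict)
    # user -> set of roles activated in the user's current session
    active: dict = field(default_factory=dict)

    def grant(self, role: str, perm: str) -> None:
        """Attach a permission to a role (asset-to-role side of the decoupling)."""
        self.role_perms.setdefault(role, set()).add(perm)

    def assign(self, user: str, role: str) -> None:
        """Role Assignment: give a user a role (user-to-role side of the decoupling)."""
        if role not in self.role_perms:
            raise ValueError(f"unknown role {role!r}")
        self.user_roles.setdefault(user, set()).add(role)

    def revoke(self, user: str, role: str) -> None:
        """Remove one role; access through that role disappears immediately."""
        self.user_roles.get(user, set()).discard(role)
        self.active.get(user, set()).discard(role)

    def activate(self, user: str, role: str) -> bool:
        """Role Authorization: only a role assigned to the user may become active."""
        if role not in self.user_roles.get(user, set()):
            return False
        self.active.setdefault(user, set()).add(role)
        return True

    def check(self, user: str, perm: str) -> bool:
        """Permission Authorization: access only via an active, assigned role."""
        return any(perm in self.role_perms.get(r, set())
                   for r in self.active.get(user, set()))

    def terminate(self, user: str) -> None:
        """Termination removes every role, so every access ends at once."""
        self.user_roles.pop(user, None)
        self.active.pop(user, None)
```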
Problems
- One of the main problems is that it is not an automatic process: the assignment of users to roles and of permissions to roles needs to be painstakingly managed and often involves significant manual intervention.