Role Based Access Control (RBAC) is a project of the National Institute of Standards and Technology (NIST) and is intended to create a comprehensive access security model for the structure and operation of enterprise-level organizations in a high technology environment. RBAC has now reached maturity and has been mandated or recommended for implementation by industry regulations worldwide.
In RBAC, users have roles that grant them with permissions to perform defined operations, such as read/write, and permissions on objects, such as computer files. RBAC incorporates the principles of segregation of duties and organizational hierarchy into its model. Segregation of duties prevents a user with a certain job function to serve in another job function at the same time.
|
Copyright © 2014 CA.
All rights reserved.
|
|