|
URL: http://www.incits.org/
Security administration can be costly and prone to error
because administrators usually specify access control lists for each user on
the system individually. With RBAC, security is managed at a level that
corresponds closely to the organization's structure. Each user is assigned one
or more roles, and each role is assigned one or more privileges that are
permitted to users in that role. Security administration with RBAC consists of
determining the operations that must be executed by persons in particular jobs,
and assigning employees to the proper roles. Complexities introduced by
mutually exclusive roles or role hierarchies are handled by the RBAC software,
making security administration easier.
Keywords:
Role Based Access Control, RBAC
|
