Difference between revisions of "RBAC"
(Created page with "{{TOCright}} == See also == <span class="editsection">top</span> == Reference == <span class="editsection">top</span> <references/> [[Category:Ind...") |
m |
||
| Line 1: | Line 1: | ||
{{TOCright}} | {{TOCright}} | ||
| + | Role Based Access Control (RBAC) is a model for giving a user access to one or more resources. | ||
| + | |||
| + | == Introduction == | ||
| + | RBAC is an access control mechanism which: | ||
| + | * Describes complex access control policies, | ||
| + | * Reduces errors in administration, | ||
| + | * Reduces cost of administration. | ||
| + | |||
| + | The NIST RBAC Model uses a limited set of concepts to define an RBAC system as depicted below. | ||
| + | <br>The system has (1) users, users have (2) sessions and sessions and users have (3) roles assigned to them. | ||
| + | <br>Each role consist of (4) permissions and permissions are based on (5) objects and (6) operations. | ||
| + | |||
== See also == | == See also == | ||
<span class="editsection">[[#content|top]]</span> | <span class="editsection">[[#content|top]]</span> | ||
| + | * [https://csrc.nist.gov/CSRC/media/Presentations/Role-Based-Access-Control-(RBAC)-Presentation/images-media/rbac-slides-doe.pdf NIST CSC RBAC], National Institute of Standards and Technology (NIST), Computer Security Resource Center (CSRC) Role Base Access Control (RBAC) Presentation. | ||
== Reference == | == Reference == | ||
Revision as of 15:24, 6 August 2018
Contents |
Role Based Access Control (RBAC) is a model for giving a user access to one or more resources.
Introduction
RBAC is an access control mechanism which:
- Describes complex access control policies,
- Reduces errors in administration,
- Reduces cost of administration.
The NIST RBAC Model uses a limited set of concepts to define an RBAC system as depicted below.
The system has (1) users, users have (2) sessions and sessions and users have (3) roles assigned to them.
Each role consist of (4) permissions and permissions are based on (5) objects and (6) operations.
See also
- NIST CSC RBAC, National Institute of Standards and Technology (NIST), Computer Security Resource Center (CSRC) Role Base Access Control (RBAC) Presentation.
