What is role based access control?
Roles with different privileges and responsibilities have long been recognized in business organizations, and commercial computer applications dating back to at least the 1970s implemented limited forms of access constraints based on the user’s role within an organization. These role-based systems were relatively simple and application-specific. That is, there was no general-purpose model defining how access control could be based on roles, and little formal analysis of the security of these systems. The systems were developed by a variety of organizations, with no commonly agreed upon definition or recognition in formal standards. A general-purpose role based access control model was proposed in 1992 by Ferraiolo and Kuhn, integrating features of existing application-specific approaches into a generalized role based access control model. This paper presented RBAC as an alternative to traditional Mandatory Access Control (MAC) and Discretionary Access Control (DAC), and gave a formal d
Related Questions
- Based on the Centers for Disease Control and Prevention (CDC) recommendations for postexposure prophylaxis, what details must the employer include in an incident report?
- Is there a PC based program that allows for central control of multiple DVR?
- Can a Peroxygen Based Tomato Fungicide Effectively Control Tomato Diseases?
