RBAC

Role Based Access Control

What is Role-Based Access Control?

Definition and Purpose

Role-Based Access Control (RBAC) is a method of managing access to resources and locations based on role-defined permissions. These permissions are based on the specific responsibilities and tasks that a user in that role must perform. A standard was formalized in 1992 by Ferraiolo and Kuhn for NIST.

In an RBAC system, all users are assigned roles (along with their pre-defined permissions), with access being controlled based on roles instead of individual identities. Then when a user then tries to access a resource, location, or perform a restricted action, they must prove their role has the correct permissions in order to be granted access, or else it is denied.

Key Components of Successful RBAC

There are many components that make up a successful RBAC system. This includes many tasks that must be performed regularly to mitigate risk of improper

  • Roles/Permissions - Well-defined roles that represent job characteristics within the organization. These may be enforced with various role-identification solutions like tokens or key cards.
  • Access Control Lists - Lists specifying users' roles, and thus their permissions and accessible resources.
  • Centralized Administration Interface - A system that allows administrators to manage roles and their permissions, as well as a provide a clear overview of users' roles.
  • Access Reviews - Regular audits that ensure users have roles that are consistent with their roles and responsibilities.
  • Training and Documentation - Thorough training and documentation are crucial in long-term maintenance, making sure that both users and administrators understand the principles of the system. 

Enterprise 2FA and password manager. One key for all your passwords. Experience fully automated login and security. Faster MFA, auto-OTP, password manager, and worry-free workflow with proximity-based privileged access management for Windows 11, 10, 8, 7, VPNs, desktop applications, and websites.

Download the free Android app.

Proximity-based MFA login

Active Directory integration with admin console

Automatic lock for all workstations

Continuous authentication password manager

Automatic OTP on websites for 2FA

Wireless login for desktops, VPNs, web, and software

or call 240-547-5446