RBAC – Role Based Access Control
is a security model to control access to resources based on the roles of individuals.
- Access permissions are assigned to roles. (manager, user, admin, etc.)
- Users are assigned to specific roles.
- Operates on the principle of least privilege.
- Roles: Represent different job functions or responsibilities.
- Permissions: What actions can be performed on the resources or data.
- Users: The individuals assigned to one or more roles.
- It is possible to use hierarchies, where higher levels inherit the permissions of lower-level roles.
- Pros: scalable, productivity, and simplified administration.
- Cons: It can be difficult to manage exceptions or particular things for specific users.
- Cons: Can be difficult to manage exceptions or particular things for specific users.