Extending Role Based Access Control

by J. Michael Butler
Sept. 1, 2017 SANS Institute authentication

Role-based access control (RBAC), first conceived in the 1990s, is a mature and widely used model for controlling access to operating systems and software. Within the RBAC model, access is granted based on the roles that individual users hold in the organization using the system. For example, with RBAC, a user administrator can add, change or delete users without having access to the more powerful commands a system administrator can execute, and without having access to the files a system administrator can access. RBAC solves a problem common to many UNIX systems, where “root” is used to gain complete access in order to perform even the simplest administrative tasks, which do not require superuser access.
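The contrast drawn above, between a shared “root” account and a user-administrator role, can be measured as excess privilege. The following is an added example, not code from the paper; the role names, permission strings and users are constructed for illustration.

```python
# Added illustration: all roles, permissions and users are constructed.
ROLE_PERMS = {
    "user_admin": {"user:add", "user:change", "user:delete"},
    "sys_admin": {"user:add", "user:change", "user:delete",
                  "system:reboot", "system:mount",
                  "file:read:sysadmin-files"},
}
# Everything the system can grant; this is what "root" carries.
ALL_PERMS = set().union(*ROLE_PERMS.values())

USER_ROLES = {"alice": {"user_admin"}, "bob": {"sys_admin"}}


def rbac_permissions(user):
    """Union of the permissions of every role assigned to the user.

    Unknown users and unknown roles contribute nothing (deny by default).
    """
    perms = set()
    for role in USER_ROLES.get(user, ()):
        perms |= ROLE_PERMS.get(role, set())
    return perms


def is_allowed(user, perm):
    """RBAC decision: allowed only if some assigned role grants perm."""
    return perm in rbac_permissions(user)


def root_model_permissions(user, root_holders):
    """All-or-nothing model: anyone given the root password gets everything."""
    return set(ALL_PERMS) if user in root_holders else set()


def excess_privilege(granted, needed):
    """Permissions granted beyond what the user's tasks require."""
    return sorted(granted - needed)


# Alice's job is user administration only.
ALICE_NEEDS = {"user:add", "user:change", "user:delete"}

if __name__ == "__main__":
    root = root_model_permissions("alice", root_holders={"alice", "bob"})
    print("root model excess:", excess_privilege(root, ALICE_NEEDS))
    print("RBAC excess:", excess_privilege(rbac_permissions("alice"), ALICE_NEEDS))
```
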