Access Control

Readings

• 5 Steps to RBAC

  1. What is Role Based Access Control (RBAC) and why do we care?

     • assigning system access to users based on their role within an organization/to get a handle on access control

  2. Describe a Role/Permission heirarchy that you might implement using RBAC.

     • user/admin

  3. What approach might you take to implement RBAC?

     • implement your syatems, analyze your workforce and create roles, assign people to roles, never make one-off changes, audit

• wiki - RBAC

  1. If Authentication is “you are who you say you are,” what is Authorization?

     • what part of the syaytem you are authorized to use

  2. Name three primary rules defined for RBAC.

     • role assignment, role authorization, permission authorization

  3. Describe RBAC to a non-technical friend.

     • there are roles in a company the higher you go the more you can access, this sytem puts those authorizations in place

Videos

• RBAC

  1. What Are access rights Associated with? The User? or The Role? Explain.

     • role-your role determins what you’re authorized to access

  2. Access Rights, or Authorization, is activated after a user successfully does what?

     • authenticated

  3. Explain how RBAC might benefit a business.

     • security, orgnization, access control

Things I want to know more about

• I have to watch the lecture to really answer this