2

This is a part of a homework. I don't want an answer, just a hint.

Assume a system with N job positions. For job position i, the number of individual users in that position Ui, and the number of permissions required for that position is Pi

  1. For a traditional DAC scheme, how many relationships between users and permissions must be defined?

  2. How many such relationships must be defined for a RBAC scheme?

Neil Smithline
  • 14,842
  • 4
  • 39
  • 55
Jackline
  • 81
  • 1
  • 2
  • 1
    How far have you gotten to come up with an answer of your own? What reading have you done that might help you get to an answer? – schroeder Nov 16 '15 at 03:56
  • 1
    What @Schroeder said. Unfortunately, any proper answer will probably not be very useful, as the answer to (1) is O(N*P*U*X) (where "X" is some likely random value dependent more on organizational structure and culture than anything else); and the answer to (2) is O(N*U*S*X) (where X is as above, "S" signifies distinct systems that manage their own roles silos, as is "traditionally" done). – AviD Nov 16 '15 at 14:59
  • 1
    So optimistically, your homework is designed to point you at the inherent administrative scalability issues, and hopefully ways to mitigate this; less optimistically, your teacher has some fantasy about how these schemes are actually used, and/or a marketing-driven fantasy about how efficient RBAC is. – AviD Nov 16 '15 at 14:59

0 Answers0