IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [rbac]

Role Based Access Control is a method of access controls where principals get access to resources through membership of permitted roles.

58 questions
2
votes
1 answer

Explain the concept of RBAC to limit the right of senior staff

If a senior staff got authority to makes changes in the financial records of an organization so can take the money out from the organization which is operated by junior staffs. can RBAC be implemented to stop this?
Jackline
  • 81
  • 1
  • 2
2
votes
0 answers

How do i find the number of relationships between user and permission in DAC and RBAC

This is a part of a homework. I don't want an answer, just a hint. Assume a system with N job positions. For job position i, the number of individual users in that position Ui, and the number of permissions required for that position is Pi For a…
Jackline
  • 81
  • 1
  • 2
1
vote
3 answers

role based access control - same role, different departments

This question about RBAC implementation. Can a subject have a role in a certain realm? Suppose a university is made up of departments. Departments have courses. Courses have students. Students have grades in courses. Note that these grades are…
Ray Morris
  • 11
  • 2
1
vote
0 answers

Attempting to Implement RBAC from ACL

I am trying to implement RBAC to a system but I endup creating an ACL instead due to my low understanding of this archtecture. What I already have implemented: Created User model. Created Groups with different permissions from User…
Elias Prado
  • 111
  • 2
1
vote
0 answers

Access Control - RBAC 0 (Zero) - use case

In this image, in definition of RBAC0, for point 5, if we change the Union to Intersection, will happen and present a use case scenario for this.
Sweety
  • 11
  • 1
0
votes
1 answer

Is it ok to send roles and permissions data to the browser in a RBAC system?

I have a backend with a simple RBAC implementation. We have a list of permissions, each permission is associated with a list of roles, each user is given one or more roles. Is it ok to send this permissions/roles mapping to the browser, so that we…
Mohamed Ramrami
  • 101
  • 2