A role-based access control (RBAC) model, also called "non-discretionary access control", uses a centrally administrated set of controls to determine how subjects and objects interact. This type of model allows access to resources based upon the role the user holds within the company. It is referred to to as non-discretionary because assigning a user to a role is unavoidably imposed. This means that if you are assigned only to the contractor role in a company, there is nothing you can do about it. You do not have the discretion to determine the role you will be assigned.
for the most up to date information on the RBAC model, go to http://crsc.nist.gov/rbac
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment