Role-based access control, or RBAC, is an approach for restricting access to digital resources based on a user’s role in an organization. For instance, under RBAC, a company’s accountant should be able to access corporate financial records but not the content management system used to update the company’s website, while those permissions would be reversed for that company’s web development team.
Just about every organization enforces some kind of access controls on its digital assets—indeed, every operating system in use today has access controls built in. Access controls generally grant specific permissions to (and impose restrictions on) individual users or groups that those users might belong to. What distinguishes the RBAC model from other forms of access control is that the users are grouped together based on the roles they play, and permissions are determined primarily by those roles, rather than being tailored for each individual user. In this article, you’ll learn how RBAC works, and see the advantages and disadvantages of this approach.
More Stories
The NSA’s “Fifty Years of Mathematical Cryptanalysis (1937–1987)”
“Fifty Years of Mathematical Cryptanalysis (1937-1987),” by Glenn F. Stahly, was just declassified—with a lot of redactions—by the NSA. I...
SEC SIM Swapper Gets 14 Months for X Account Hijack
An Alabama man has been sentenced to 14 months for hacking the SEC’s X account Read More
Legal Aid Agency Admits Major Breach of Applicant Data
The UK government says that hackers accessed a “large amount” of personal information in attack on Legal Aid Agency Read...
#Infosec2025: How CISOs Can Stay Ahead of Evolving Cloud Threats
Security experts tell Infosecurity about the cloud attack trends in the past year, and how CISOs can mitigate evolving techniques...
Friday Squid Blogging: Pet Squid Simulation
From Hackaday.com, this is a neural network simulation of a pet squid. Autonomous Behavior: The squid moves autonomously, making decisions...
Communications Backdoor in Chinese Power Inverters
This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical...