Role-based access control (RBAC) is a security mechanism that can lower the cost and complexity of security administration for large networked applications. RBAC simplifies security administration by using roles, hierarchies, and constraints to organize privileges (Ferraiolo et al., 1992).
Key Terms in this Chapter
Domain Identity: A human being, a machine, or an intelligent autonomous agent.
User: Defined as a valid domain identity at a particular organization.
Group: A set of users.
Role: Contains a set of groups associated with similar duty and authority.
Action: A matrix of operations on objects.
Permission: Defines a right of a role to perform an action on a resource.
Resource: Defines a set of protected Web objects.
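The following is an added example, not code from the chapter, that puts the terms above into a small working model: users are collected into groups, groups are attached to roles, roles hold permissions (an action on a resource) and can inherit from junior roles (the hierarchy), and a static separation-of-duty constraint (the "constraints" the opening paragraph mentions) forbids one user from holding two mutually exclusive roles. All role, group, user and resource names are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Permission:
    """A right to perform an action on a resource (chapter terms: Action, Resource)."""
    action: str      # operation, e.g. "read" or "write"
    resource: str    # protected web object, e.g. "/reports"


@dataclass
class Role:
    """A role holds permissions; `juniors` are roles whose permissions it inherits."""
    name: str
    permissions: set[Permission] = field(default_factory=set)
    juniors: set[str] = field(default_factory=set)


class RBACPolicy:
    """Users -> groups -> roles -> permissions, with hierarchy and a SoD constraint."""

    def __init__(self):
        self.roles: dict[str, Role] = {}
        self.groups: dict[str, set[str]] = {}        # group name -> user ids
        self.role_groups: dict[str, set[str]] = {}   # role name -> group names
        self.exclusive: set[frozenset[str]] = set()  # mutually exclusive role pairs

    def add_role(self, name, permissions=(), juniors=()):
        self.roles[name] = Role(name, set(permissions), set(juniors))

    def add_group(self, name, users):
        self.groups[name] = set(users)

    def add_exclusive(self, role_a, role_b):
        """Static separation of duty: no user may hold both roles at once."""
        self.exclusive.add(frozenset((role_a, role_b)))
        self._check_sod()

    def assign_group(self, role, group):
        """Attach a group to a role; roll back if it would violate a SoD pair."""
        groups = self.role_groups.setdefault(role, set())
        groups.add(group)
        try:
            self._check_sod()
        except ValueError:
            groups.discard(group)
            raise

    def direct_roles(self, user):
        return {role for role, groups in self.role_groups.items()
                if any(user in self.groups.get(g, ()) for g in groups)}

    def effective_roles(self, user):
        """Directly assigned roles plus everything reachable down the hierarchy."""
        todo, seen = list(self.direct_roles(user)), set()
        while todo:
            r = todo.pop()
            if r in seen:
                continue
            seen.add(r)
            todo.extend(self.roles[r].juniors)
        return seen

    def permissions_of(self, user):
        return {p for r in self.effective_roles(user) for p in self.roles[r].permissions}

    def is_authorized(self, user, action, resource):
        return Permission(action, resource) in self.permissions_of(user)

    def _check_sod(self):
        # Evaluated on effective roles, so inheritance cannot bypass the constraint.
        for user in set().union(*self.groups.values()):
            held = self.effective_roles(user)
            for pair in self.exclusive:
                if pair <= held:
                    raise ValueError(f"separation of duty violated: {user} holds {sorted(pair)}")


def assignment_allowed(policy, role, group):
    """True if attaching `group` to `role` keeps every SoD constraint intact."""
    try:
        policy.assign_group(role, group)
        return True
    except ValueError:
        return False


def build_sample_policy():
    """Constructed sample policy: editor inherits viewer; editor and auditor are exclusive."""
    p = RBACPolicy()
    p.add_role("viewer", {Permission("read", "/reports")})
    p.add_role("editor", {Permission("write", "/reports")}, juniors={"viewer"})
    p.add_role("auditor", {Permission("read", "/audit-log")})
    p.add_group("staff", {"alice", "bob"})
    p.add_group("reviewers", {"carol"})
    p.assign_group("editor", "staff")
    p.assign_group("auditor", "reviewers")
    p.add_exclusive("editor", "auditor")
    return p


if __name__ == "__main__":
    policy = build_sample_policy()
    print(policy.is_authorized("alice", "read", "/reports"))   # inherited via viewer
    print(policy.is_authorized("carol", "write", "/reports"))  # auditor only
```

Two points worth noticing: alice never receives the viewer role directly, yet can read /reports because editor inherits viewer, and the constraint is checked against effective roles rather than direct assignments, so a role hierarchy cannot be used to sidestep the exclusivity rule.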