Role Based Access Control (RBAC) simplifies administration of security policies in large and complex organizational structures, and minimizes organizational silos.
So what exactly is RBAC? It’s a gate-keeper mechanism that determines who has what type of access to which objects.
RBAC determines who does what to whom.
For example, RBAC answers questions like “Which service requests show up in Leah’s workspace?”, “Can Jeremy dispatch a complaint request from the MRI Imaging dispatch queue folder?”, or “Can VPs from our North American Truck Division run reports on the European Piano Division?”
RBAC supports groupings that both make the security database easier to manage and enhance its integrity. Namely:
Without groupings, security management would become an unmanageable, unreliable nightmare in short order. In a situation where there are 1000 users, 100 folder hierarchies, and 30 privileges, we would have 3,000,000 entries to maintain.
With groupings, we simply define roles (collections of privileges) and teams (collections of users), and give them access over departments (or folder subtrees).
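A minimal sketch of the grouping model described above, added here as an illustration and not taken from any product's code. The role, team and folder names, the user "dana", and the resulting allow/deny outcomes are constructed assumptions.

```python
from dataclasses import dataclass
from pathlib import PurePosixPath

# Constructed sample data; every name below is hypothetical.
ROLES = {  # role -> collection of privileges
    "dispatcher": {"view", "dispatch"},
    "report_viewer": {"view", "run_report"},
}
TEAMS = {  # team -> collection of users
    "mri_support": {"jeremy", "leah"},
    "na_truck_vps": {"dana"},
}

@dataclass(frozen=True)
class Grant:
    team: str
    role: str
    subtree: str  # root folder; covers this folder and everything below it

# Two grants stand in for every (user, folder, privilege) row they imply.
GRANTS = [
    Grant("mri_support", "dispatcher", "/imaging/mri"),
    Grant("na_truck_vps", "report_viewer", "/divisions/na-truck"),
]

def in_subtree(folder, root):
    """True when folder is root or a descendant, compared per path component."""
    f, r = PurePosixPath(folder), PurePosixPath(root)
    if not f.is_absolute() or ".." in f.parts:
        return False  # refuse relative or traversal paths instead of guessing
    # Component comparison: "/imaging/mri-archive" is not under "/imaging/mri".
    return f == r or r in f.parents

def is_allowed(user, privilege, folder, grants=GRANTS):
    """Default deny: some grant must link the user's team, a role that
    holds the privilege, and a subtree that covers the folder."""
    for g in grants:
        if (user in TEAMS.get(g.team, ())
                and privilege in ROLES.get(g.role, ())
                and in_subtree(folder, g.subtree)):
            return True
    return False

if __name__ == "__main__":
    print(is_allowed("jeremy", "dispatch", "/imaging/mri/dispatch-queue"))
    print(is_allowed("dana", "run_report", "/divisions/eu-piano"))
```

Adding a user to a team or a privilege to a role changes access everywhere the grant applies, without touching per-folder entries.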