Role-Based Access Control (RBAC)
Definition
Role-Based Access Control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise. In RBAC, access rights are grouped by role name, and permissions are granted to roles, not to individual users.
Why It Matters
RBAC simplifies security administration. Instead of managing permissions for hundreds or thousands of individual users, administrators can manage permissions for a much smaller number of roles. This is less error-prone and easier to audit.
Contextual Example
An organization defines roles like "Sales," "Marketing," and "Administrator." When a new salesperson joins, they are simply assigned to the "Sales" role, and they automatically inherit all the permissions associated with that role, such as access to the CRM system.
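The role-to-permission and user-to-role mapping described above, as an added example that is not part of the original page: a small RBAC policy store with a deny-by-default check and an audit view. All role, user and permission names are constructed sample data.

```python
# Added example (not from the original page): a minimal RBAC policy store that
# maps roles to permissions and users to roles, with a deny-by-default check
# and an audit view. Role, user and permission names are constructed sample data.
from dataclasses import dataclass, field


@dataclass
class RbacPolicy:
    role_permissions: dict[str, set[str]] = field(default_factory=dict)
    user_roles: dict[str, set[str]] = field(default_factory=dict)

    def define_role(self, role: str, permissions: set[str]) -> None:
        """Permissions are attached to the role, never to a user directly."""
        self.role_permissions[role] = set(permissions)

    def assign(self, user: str, role: str) -> None:
        """Onboarding: assigning a role is the only way a user gains access."""
        if role not in self.role_permissions:
            raise KeyError(f"undefined role: {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def unassign(self, user: str, role: str) -> None:
        """Offboarding or role change: dropping the role drops its permissions."""
        self.user_roles.get(user, set()).discard(role)

    def effective_permissions(self, user: str) -> frozenset[str]:
        """Union of the permissions of every role the user holds."""
        roles = self.user_roles.get(user, set())
        return frozenset(p for r in roles for p in self.role_permissions[r])

    def is_allowed(self, user: str, permission: str) -> bool:
        """Deny by default: unknown users and unassigned permissions fail closed."""
        return permission in self.effective_permissions(user)

    def audit(self) -> dict[str, list[str]]:
        """Who can do what, by user: the view a reviewer checks for excess access."""
        return {u: sorted(self.effective_permissions(u)) for u in self.user_roles}


def build_example_policy() -> RbacPolicy:
    """Constructed sample: the Sales / Marketing / Administrator roles from the text."""
    policy = RbacPolicy()
    policy.define_role("Sales", {"crm:read", "crm:write"})
    policy.define_role("Marketing", {"crm:read", "campaigns:write"})
    policy.define_role("Administrator", {"users:manage", "roles:manage"})
    policy.assign("alice", "Sales")  # new salesperson inherits CRM access
    policy.assign("bob", "Marketing")
    policy.assign("carol", "Administrator")
    return policy
```

Because permissions live only on roles, removing a user's role removes every permission it carried, which is what makes offboarding and audits tractable.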
Common Misunderstandings
- RBAC is the most common model for access control in enterprise environments.
- It helps enforce the principle of least privilege, because each role carries only the permissions its job function requires.