Role-Based Access Control (RBAC) is another term for role management. In computer systems security, role management is an approach to managing authorized users. Within an organization, roles are created for various job functions, and the permissions to perform operations are assigned to specific roles. Managing individual user rights then becomes a matter of assigning the appropriate roles to each user, which simplifies common operations such as adding a user or changing a user’s department.
RBAC has three primary rules:
- Role assignment: A person can execute a transaction only if he or she has selected or been assigned a role.
- Role authorization: A person’s active role must be authorized for him or her. Together with rule 1 above, this ensures that users can take on only roles for which they are authorized.
- Transaction authorization: A person can execute a transaction only if the transaction is authorized for his or her active role. Together with rules 1 and 2, this ensures that users can execute only transactions for which they are authorized.
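The three rules above, written as a minimal reference monitor (an added example, not code from the original page, ISIM or RoleManager). The `RBAC` class, its method names, and the users, roles and transactions are constructed for illustration; the monitor re-checks rule 2 on every request so that a role removed by a department change stops working immediately.

```python
# Added example: a minimal RBAC reference monitor. Role, user and
# transaction names below are constructed for illustration.

class RBAC:
    def __init__(self, role_permissions, user_roles):
        self.role_permissions = role_permissions  # role -> allowed transactions
        self.user_roles = user_roles              # user -> authorized roles
        self.active_role = {}                     # user -> role selected for the session

    def activate(self, user, role):
        """Rule 2: a user may only take on a role they are authorized for."""
        if role not in self.user_roles.get(user, set()):
            return False
        self.active_role[user] = role
        return True

    def decide(self, user, transaction):
        """Return (allowed, reason) for one transaction request."""
        role = self.active_role.get(user)
        if role is None:
            return False, "rule 1: no active role"
        # Re-check rule 2 on every request so a revoked role stops working
        # even if it was activated earlier in the session.
        if role not in self.user_roles.get(user, set()):
            del self.active_role[user]
            return False, "rule 2: active role no longer authorized"
        if transaction not in self.role_permissions.get(role, set()):
            return False, "rule 3: transaction not authorized for role"
        return True, f"allowed as {role}"

    def move_department(self, user, new_roles):
        """Changing department swaps role assignments; permissions stay on roles."""
        self.user_roles[user] = set(new_roles)

def demo():
    rbac = RBAC(
        role_permissions={"hr_clerk": {"view_salary"}, "helpdesk": {"reset_password"}},
        user_roles={"alice": {"hr_clerk"}, "bob": {"helpdesk"}},
    )
    results = [rbac.decide("alice", "view_salary")]         # no role selected yet
    results.append(rbac.activate("bob", "hr_clerk"))        # bob lacks that role
    rbac.activate("alice", "hr_clerk")
    results.append(rbac.decide("alice", "view_salary"))     # all three rules hold
    results.append(rbac.decide("alice", "reset_password"))  # not in the role's permissions
    rbac.move_department("alice", {"helpdesk"})
    results.append(rbac.decide("alice", "view_salary"))     # stale active role
    return results

if __name__ == "__main__":
    print(*demo(), sep="\n")
```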
We often faced requests and demands for more sophisticated role-based management and administration capabilities that go beyond the role model supported out of the box by IBM Security Identity Manager (ISIM). IBM has always recognized that no single role model would be able to deal with all customer requirements. Hence they made it possible to extend and tailor the role model of ITIM to suit more complex situations.
In response to this market requirement, SecurIT went one step further. We leveraged our years of experience with ISIM and RBAC to develop a role management framework called SecurIT RoleManager. This solution is quick and easy to deploy. Moreover, it does not require costly or intrusive changes to an existing ISIM installation, and it extends the product to offer unique role management capabilities that are compliant with the ANSI/NIST RBAC standard. Check out the product site to discover why RoleManager is the answer to your needs!