RBAC - Role Based Access Control

k100k100 Banned Posts: 2 ■□□□□□□□□□
in Security+
Hi everyone,

I've got a quick question about Role Based Access Control - can you be assigned more than ONE role?

Thanks!
· Share on FacebookShare on Twitter

Comments

  • DarrilDarril Member Posts: 1,588
    k100 wrote: »
    Hi everyone,

    I've got a quick question about Role Based Access Control - can you be assigned more than ONE role?

    Thanks!

    Absolutely.

    As an example, Microsoft systems implement RBAC with groups. For example, an organization can have a group named Sales for all the users in the sales department. Additionally, they may have a group named Sales_Managers for the managers in the sales department. The Sales group is granted basic rights and permissions for access to Sales department resources. The Sales_Managers group is given elevated rights and permissions for additional access.

    Is it possible for someone to be an employee in the Sales department and a manager of the Sales department? Absolutely. This person would be a member of both the Sales group and the Sales_Managers group. Said another way, this person would be a member of the Sales and Sales_Managers roles.

    HTH,

    Darril Gibson
    Security+ blog
    Security+ Tip Of Day
    Darril Gibson
    CompTIA A+, Network+, Security+ Blogs
    Daily Network+ and Security+ Test Taking Tips on Twitter
    · Share on FacebookShare on Twitter
Sign In or Register to comment.