RBAC - Role Based Access Control

Hi everyone,

I've got a quick question about Role Based Access Control - can you be assigned more than ONE role?

Thanks!

Find more posts tagged with

Comments

Darril

k100 wrote: »

Hi everyone,

I've got a quick question about Role Based Access Control - can you be assigned more than ONE role?

Thanks!

Absolutely.

As an example, Microsoft systems implement RBAC with groups. For example, an organization can have a group named Sales for all the users in the sales department. Additionally, they may have a group named Sales_Managers for the managers in the sales department. The Sales group is granted basic rights and permissions for access to Sales department resources. The Sales_Managers group is given elevated rights and permissions for additional access.

Is it possible for someone to be an employee in the Sales department and a manager of the Sales department? Absolutely. This person would be a member of both the Sales group and the Sales_Managers group. Said another way, this person would be a member of the Sales and Sales_Managers roles.

HTH,

Darril Gibson
Security+ blog
Security+ Tip Of Day