Options
RuleBAC
What is RuleBAC? I saw that come up on a practice test and I never came across of it in my studies. I obviously know what MAC, DAC, and RBAC are...
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Ben Franklin
"The internet is a great way to get on the net." --Bob Dole
"The internet is a great way to get on the net." --Bob Dole
Comments
-
Options
shednik
Member Posts: 2,005
mog27 wrote:What is RuleBAC? I saw that come up on a practice test and I never came across of it in my studies. I obviously know what MAC, DAC, and RBAC are...
I haven't heard of it thus far in my Security+ studies but I still have a long way to go....I did a google search and found this
http://www.sharepointsecurity.com/content-132.html
It looks to be similar to RoleBAC but I'll have to do some more research on it...nothing on wikipedia which is surprising. -
Options
Schluep
Member Posts: 346
When they say RuleBAC they are referring to what is also known as Rule Based Access Control, Rule Based Role Based Access Control (RB-RBAC).
It isn't listed in the Security+ exam objectives, however it is actually covered in the Security+ Access Control Technotes found here if you take a look. I know several of the CISSP resources I used preparing for that exam covered it more extensively.Rule-Based Access Control model, which, to confuse matters a bit, is sometimes referred to as Rule-Based Role-Based Access Control (RB-RBAC). It includes mechanisms to dynamically assign roles to subjects based on their attributes and a set of rules defined by a security policy. For example, you are a subject on one network and you want access to objects in another network. The other network is on the other side of a router configured with access lists. The router can assign a certain role to you, based on your network address or protocol, which will determine whether you will be granted access or not.