Acronyms: RBAC
See:
· Role
· Identity-based security policy
· Rule-based security policy
Access control method in which the rights granted to a user depend on the
role (or roles) to which the user is assigned.
Access control
based on user roles (i.e., a collection of access authorizations a user receives
based on an explicit or implicit assumption of a given role). Role permissions
may be inherited through a role hierarchy and typically reflect the permissions
needed to perform defined functions within an organization. A given role may
apply to a single individual or to several individuals. [NIST-SP800-53:2013]
Access control
based on user roles (i.e., a collection of access authorizations a user
receives based on an explicit or implicit assumption of a given role). Role
permissions may be inherited through a role hierarchy and typically reflect the
permissions needed to perform defined functions within an organization. A given
role may apply to a single individual or to several individuals. [CNSSI_4009:2010]
(I) A form of
identity-based access control wherein the system entities that are identified
and controlled are functional positions in an organization or process. [Sand]
(See: authorization, constraint, identity, principal, role.) [RFC4949:2007]
Acronym for
role-based access control. Control used to restrict access by specific
authorized users based on their job responsibilities.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Method of access
control management whereby the level of clearance and permission is primarily
determined by the job or role that the individual fulfills in the organization.
Role based access
control assigns users to roles based on their organizational functions and
determines authorization based on those roles.
http://www.sans.org/security-resources/glossary-of-terms/