Changes between Version 23 and Version 24 of Internal/Rbac


Ignore:
Timestamp:
Oct 10, 2006, 1:53:21 PM (18 years ago)
Author:
anonymous
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Internal/Rbac

    v23 v24  
    11[[TOC(Internal/Rbac,Internal/Rbac/OrbitRbacLevels,Internal/Rbac/OrbitRbacDesign,Internal/Rbac/LdapResources,Internal/Rbac/RbacResources)]]
    22== Role-Based Access Control ==
    3 Role-Based Access Control (RBAC) will be used by ORBIT to ''control'' each user's ''access'' to ORBIT resources based on his or her ''role''.  RBAC promises simpler administration of access control than maintaining access control lists for each resource.  It enables an organization to enforce separation of duty, the principle of least privilege and timely revocation of trust.  Because it is based on a formal model, a given assignment of users to roles may be checked for consistency with the organization's security design goals.
     3Role-Based Access Control (RBAC) will be used by ORBIT to ''control'' each user's ''access'' to ORBIT resources based on his or her ''role''.  RBAC promises simpler administration of access control than maintaining access control lists for each resource.  It enables an organization to enforce separation of duty, the principle of least privilege and timely revocation of trust.  Because it is based on a formal model, a given assignment of users to roles may be checked for consistency with the organization's security goals.
    44
    55RBAC is being implemented in ORBIT to protect each project's information from access or disruption by other projects, to minimize some problems within projects, and to provide tools for project administration by each project's Principal Investigator.  That is, to insure that an ORBIT user has access only to information that belongs to the project he or she is working on, and is granted permissions in accord with the roles in which he or she is active.