This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Role
Role

Version management

Difference between version and

At line 1 added 37 lines
!!! Overview
[{$pagename}] is a collection of [entitlements] that define access rights and definitions.
[{$pagename}]s are used in various [Access Control Models].
No common definition of a [{$pagename}].
Our [Entitlement Example] shows how we think a [{$pagename}] should be considered.
There is a lot of confusion and differing ideas on [{$pagename}]s when related to [IDM]. The concept of the role is to provide a level of indirection separating users from fine-grained [permissions] and assign the [permissions] to the role and then the role to the various users as desired.
[Roles] and [Entitlements] are hard and complex.
A [{$pagename}] is a collection of [entitlements] (or [Privileges]) that are created for the various job functions in an organization.
For many of our discussions we will use [{$pagename}] as a collection of [Privileges] which we may specifically refer to as [Entitlements].
!! Semantic Construct
A [{$pagename}] is properly viewed as a semantic construct around which [Access Control] policies are formulated. Some things to keep in mind on roles:
* The particular collection of users and [Privileges] brought together by a [{$pagename}] is transitory.
* The [{$pagename}] is more stable because an organization's [Entitlements] or functions usually change less frequently.
!! Role Rules (Dynamic Role Model)
Rules extend the static model, established by attaching a user to a Role, by examining user attributes such as:
* department code
* location code
* additional known details, such as mail server location
!!![RBAC How are roles different from groups]?
[RBAC How are roles different from groups]?
!!![RBAC Defining Roles|RBAC Defining Roles]
TBD
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop