diff options
| author | mo khan <mo@mokhan.ca> | 2025-03-24 12:13:19 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-03-24 12:13:19 -0600 |
| commit | 28c2dbec1f9c5dcb741eb564de919ab32a631fc6 (patch) | |
| tree | 8b36c74eca1cb0801d480f7cbcfe3aa4e2593a9f /doc/share/authz/RBAC.md | |
| parent | 4eb8d5a66cd20d0701c6ddc8dfb5c55e17069fdb (diff) | |
docs: add ntoes from zanzibar paper
Diffstat (limited to 'doc/share/authz/RBAC.md')
| -rw-r--r-- | doc/share/authz/RBAC.md | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/doc/share/authz/RBAC.md b/doc/share/authz/RBAC.md index cbf05e0..2f0054a 100644 --- a/doc/share/authz/RBAC.md +++ b/doc/share/authz/RBAC.md @@ -1,6 +1,6 @@ # Role-Based Access Control (RBAC) -Assigns permissions to roles, which are collections of permissions related to specific job functions. +Assigns permissions to roles, which are collections of permissions related to specific job functions. [1][1] This style of access control aligns with how humans organize themselves within organizations by assigning job functions to roles. This model is simple and @@ -92,6 +92,12 @@ individual subjects prior to a request to perform an operation on the object. * Environment conditions: operational or situational context in which the access request occurs. +> Roles can inherit from each other and imply permissions. - [1][1] + ## See also -* [Role-Based Access Controls](https://csrc.nist.gov/files/pubs/conference/1992/10/13/rolebased-access-controls/final/docs/ferraiolo-kuhn-92.pdf) +* [Role-Based Access Controls][1] +* [Zanzibar][2] + +[1]: https://csrc.nist.gov/files/pubs/conference/1992/10/13/rolebased-access-controls/final/docs/ferraiolo-kuhn-92.pdf +[2]: https://storage.googleapis.com/gweb-research2023-media/pubtools/5068.pdf |