diff options
Diffstat (limited to 'doc/share/authz/RBAC.md')
| -rw-r--r-- | doc/share/authz/RBAC.md | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/doc/share/authz/RBAC.md b/doc/share/authz/RBAC.md index cbf05e0..2f0054a 100644 --- a/doc/share/authz/RBAC.md +++ b/doc/share/authz/RBAC.md @@ -1,6 +1,6 @@ # Role-Based Access Control (RBAC) -Assigns permissions to roles, which are collections of permissions related to specific job functions. +Assigns permissions to roles, which are collections of permissions related to specific job functions. [1][1] This style of access control aligns with how humans organize themselves within organizations by assigning job functions to roles. This model is simple and @@ -92,6 +92,12 @@ individual subjects prior to a request to perform an operation on the object. * Environment conditions: operational or situational context in which the access request occurs. +> Roles can inherit from each other and imply permissions. - [1][1] + ## See also -* [Role-Based Access Controls](https://csrc.nist.gov/files/pubs/conference/1992/10/13/rolebased-access-controls/final/docs/ferraiolo-kuhn-92.pdf) +* [Role-Based Access Controls][1] +* [Zanzibar][2] + +[1]: https://csrc.nist.gov/files/pubs/conference/1992/10/13/rolebased-access-controls/final/docs/ferraiolo-kuhn-92.pdf +[2]: https://storage.googleapis.com/gweb-research2023-media/pubtools/5068.pdf |