From 28c2dbec1f9c5dcb741eb564de919ab32a631fc6 Mon Sep 17 00:00:00 2001 From: mo khan Date: Mon, 24 Mar 2025 12:13:19 -0600 Subject: docs: add ntoes from zanzibar paper --- doc/share/authz/RBAC.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'doc/share/authz/RBAC.md') diff --git a/doc/share/authz/RBAC.md b/doc/share/authz/RBAC.md index cbf05e0..2f0054a 100644 --- a/doc/share/authz/RBAC.md +++ b/doc/share/authz/RBAC.md @@ -1,6 +1,6 @@ # Role-Based Access Control (RBAC) -Assigns permissions to roles, which are collections of permissions related to specific job functions. +Assigns permissions to roles, which are collections of permissions related to specific job functions. [1][1] This style of access control aligns with how humans organize themselves within organizations by assigning job functions to roles. This model is simple and @@ -92,6 +92,12 @@ individual subjects prior to a request to perform an operation on the object. * Environment conditions: operational or situational context in which the access request occurs. +> Roles can inherit from each other and imply permissions. - [1][1] + ## See also -* [Role-Based Access Controls](https://csrc.nist.gov/files/pubs/conference/1992/10/13/rolebased-access-controls/final/docs/ferraiolo-kuhn-92.pdf) +* [Role-Based Access Controls][1] +* [Zanzibar][2] + +[1]: https://csrc.nist.gov/files/pubs/conference/1992/10/13/rolebased-access-controls/final/docs/ferraiolo-kuhn-92.pdf +[2]: https://storage.googleapis.com/gweb-research2023-media/pubtools/5068.pdf -- cgit v1.2.3
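Review bot: In the first hunk, the `[1][1]` marker added to the definition sentence sits after the closing period and renders as a bare linked "1", so it reads as stray text rather than a citation of that sentence. Put it inside the sentence, before the period, or link a descriptive phrase, for example `[Ferraiolo and Kuhn][1]`, so readers can see which source the definition is taken from.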
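Review bot: In the second hunk, the added blockquote "Roles can inherit from each other and imply permissions." is attributed to `[1]`, which resolves to the NIST Ferraiolo-Kuhn PDF, while the commit subject says these are notes from the Zanzibar paper and `[2]` is only referenced under "See also". Please confirm which paper the statement comes from and point the attribution at that reference. The quote is also inserted directly after the "Environment conditions" bullet, so it reads as part of that list's section; moving it next to the role description at the top of the file would keep the note about role inheritance with the text it qualifies.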