Role-Based Access Control

What Does Role-Based Access Control Mean?

Role-based access control (RBAC) is a method of access security that is based on a person’s role within a business. It provides security by allowing employees to access only the information they need to do their jobs, while preventing them from accessing additional information that is not relevant to them. An employee’s role determines the permissions he or she is granted and ensures that lower-level employees are not able to access sensitive information or perform high-level tasks.


Techopedia Explains Role-Based Access Control

In RBAC, there are three rules:

  1. A person must be assigned a certain role in order to conduct a certain action, called a transaction.
  2. A user needs a role authorization to be allowed to hold that role.
  3. Transaction authorization allows the user to perform certain transactions. The transaction has to be allowed to occur through the role membership. Users won’t be able to perform transactions other than the ones they are authorized for.

All access is controlled through the roles that people are given; each role is a set of permissions. An employee’s role determines what permissions he or she is granted. For example, a CEO will be given the role of CEO and have any permissions associated with that role, while network administrators will be given the role of network administrator and will have all the permissions associated with that role.
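The three rules above can be expressed as a default-deny check. The following Python sketch is an added example, not part of the original definition; the user names, role names and transaction names are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample policy: role -> transactions that role may perform.
ROLE_TRANSACTIONS = {
    "ceo": {"approve_budget", "view_financials"},
    "network_administrator": {"configure_router", "view_network_logs"},
}

# Constructed sample data: roles each user is authorized to hold (rule 2).
AUTHORIZED_ROLES = {
    "alice": {"ceo"},
    "bob": {"network_administrator"},
}


@dataclass
class Session:
    user: str
    active_roles: set = field(default_factory=set)

    def activate(self, role: str) -> bool:
        """Rule 2: a role can be held only if the user is authorized for it."""
        if role in ROLE_TRANSACTIONS and role in AUTHORIZED_ROLES.get(self.user, set()):
            self.active_roles.add(role)
            return True
        return False


def check(session: Session, transaction: str) -> tuple[bool, str]:
    """Return (allowed, reason) for a requested transaction; deny by default."""
    # Rule 1: without an assigned role, no transaction can be performed.
    if not session.active_roles:
        return False, "rule 1: no role assigned"
    # Rule 2, re-checked at decision time: only authorized roles count,
    # so a role placed in the session without authorization is ignored.
    held = session.active_roles & AUTHORIZED_ROLES.get(session.user, set())
    if not held:
        return False, "rule 2: role not authorized for user"
    # Rule 3: the transaction must be allowed through a role the user holds.
    for role in sorted(held):
        if transaction in ROLE_TRANSACTIONS.get(role, set()):
            return True, f"allowed via role {role}"
    return False, "rule 3: transaction not authorized for role"
```

Returning the reason alongside the decision lets an audit log record which rule denied a request.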


Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…