Role-Based Security

What Does Role-Based Security Mean?

Role-based security is a principle by which developers create systems that limit access or restrict operations according to a user’s constructed role within a system. This is also often called role-based access control, since many businesses and organizations use this principle to ensure that unauthorized users do not gain access to privileged information within an IT architecture.

Advertisements

Techopedia Explains Role-Based Security

There are many ways to develop a role-based security system. All of them start with the definition of various roles and what users assigned to those roles can and can’t do or see. The resulting levels of functionality must be coded into the system using specific parameters.

Object-oriented programming often involves treating a role as an object relative to certain code modules or functions. In a Microsoft programming setting, a developer might use a PrincipalPermission object in .Net to examine an object containing a role designation and to perform security checks. In other cases, information about an object can be passed to a method for a security check.

Any role-based security system depends on the code’s ability to correctly and thoroughly control a given user by his or her assigned role and therefore guard against unauthorized use of proprietary identifiers of a specific role. Alternative models include mandatory access control, where certain specifics are coded into an operating system, and discretionary access control, where some elements of security may be more flexible. For example, a more privileged user may be able to "pass" access to another user in a simple discretionary event or process.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Blockchain

Anndy Lian: The Complex Challenges Faced by Cryptocurrency Exchanges

Anndy Lian11 years
dummy_img
Featured Content

How Can Crypto Help The Environment? Just Ask Chimpzee, The #1 Eco-Friendly Crypto Project

Alan Draper11 years
dummy_img
Uncategorized

What is SAS? Microsoft’s 38TB Leak Exposes Data Sharing Risks

Nicole Willing11 yearsTechnology Writer
dummy_img
Productivity Software

What Distinguishes SaaS From Regular Software Applications?

John Meah11 yearsCybersecurity Consultant
dummy_img
Blockchain

When is Pi Network’s Launch Date?

Ruholamin Haqshanas11 yearsCryptocurrency Journalist
dummy_img
Artificial Intelligence

Analog Computing for AI: How It Could Make Us Re-Think the Future

Dr. Tehseen Zia11 yearsTenured Associate Professor

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
Trading
Trading
VoIP
VoIP
VPN
VPN