Role-Based Security

Definition - What does Role-Based Security mean?

Role-based security is a principle by which developers create systems that limit access or restrict operations according to a user’s constructed role within a system. This is also often called role-based access control, since many businesses and organizations use this principle to ensure that unauthorized users do not gain access to privileged information within an IT architecture.

Techopedia explains Role-Based Security

There are many ways to develop a role-based security system. All of them start with the definition of various roles and what users assigned to those roles can and can’t do or see. The resulting levels of functionality must be coded into the system using specific parameters.

Object-oriented programming often involves treating a role as an object relative to certain code modules or functions. In a Microsoft programming setting, a developer might use a PrincipalPermission object in .Net to examine an object containing a role designation and to perform security checks. In other cases, information about an object can be passed to a method for a security check.

Any role-based security system depends on the code's ability to correctly and thoroughly control a given user by his or her assigned role and therefore guard against unauthorized use of proprietary identifiers of a specific role. Alternative models include mandatory access control, where certain specifics are coded into an operating system, and discretionary access control, where some elements of security may be more flexible. For example, a more privileged user may be able to "pass" access to another user in a simple discretionary event or process.
Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.