Secure Coding mailing list archives
Re: RBAC question
From: Glenn and Mary Everhart <Everhart () gce com>
Date: Sun, 15 Feb 2004 20:19:59 +0000
You have indeed misunderstood the model. The deal is that users should be assigned attributes or identifiers corresponding to roles they play. Then you set protections based on the roles. The reason for this added indirection is that it makes sense to say "helpdesk people may have access to file X", instead of "Tom, Dick, and Harry may have access to file X", so if one of the named users leaves or changes duties, the list of "helpdesk people" can be updated once, rather than having to update all the access control lists that might mention individuals. You leave individuals logging in and accessing so the audit/forensics info is preserved.

avi wrote:
> Hello,
>
> This is my first time trying to ask the list, so please bear with me...
>
> According to my understanding of the Role Based Access Control (RBAC) model, the identified end user is checked against a predefined role and then the process runs under the context of another predefined "generic" user (the one defined for that specific role) that actually accesses the end resource (a table in a DB, for example). This means that the end user is not recorded in the DB log, and that imposes a problem from an audit perspective. Another concern is that monitoring and debugging tools will display the "generic" user name, so it will be a challenge to tie this process to the end user's activity.
>
> My questions to the list:
> - Did I misunderstand the model?
> - Any solutions?
> - Anyone else implement this model? If so, how?
>
> Thank you in advance
> Avi Shvartz
>
> <<<< "Children", I say plainly, "watch out for the baobabs!" >>>>
> <<<< The Little Prince by Antoine de Saint Exupery. >>>>
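The indirection Glenn describes (protections expressed in terms of roles, individuals still logging in under their own identity) can be made concrete in a few lines. The following is an added example, not code from either poster; the users, roles and resource names ("tom", "helpdesk", "file X") are constructed sample data. It shows that removing one person from a role is a single change that affects every ACL mentioning that role, and that the audit record names the real user rather than a generic role account.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass
class Rbac:
    """Role-based access control with a per-user audit trail.

    Added example for the thread above; all names are constructed.
    """
    # role -> users currently holding that role
    role_members: Dict[str, Set[str]] = field(default_factory=dict)
    # (resource, action) -> roles permitted to perform action on resource
    acl: Dict[Tuple[str, str], Set[str]] = field(default_factory=dict)
    # one record per access decision; always names the real user
    audit: List[dict] = field(default_factory=list)

    def grant_role(self, user: str, role: str) -> None:
        self.role_members.setdefault(role, set()).add(user)

    def revoke_role(self, user: str, role: str) -> None:
        # the single update needed when someone leaves or changes duties
        self.role_members.get(role, set()).discard(user)

    def allow(self, resource: str, action: str, role: str) -> None:
        # protections are expressed in terms of roles, never individuals
        self.acl.setdefault((resource, action), set()).add(role)

    def roles_of(self, user: str) -> Set[str]:
        return {r for r, members in self.role_members.items() if user in members}

    def check(self, user: str, resource: str, action: str) -> bool:
        """Decide access for the logged-in individual and record the decision."""
        held = self.roles_of(user)
        permitted = self.acl.get((resource, action), set())
        decision = bool(held & permitted)
        self.audit.append({
            "user": user,              # the individual, not a generic role account
            "roles": sorted(held),     # why the decision came out as it did
            "resource": resource,
            "action": action,
            "decision": "allow" if decision else "deny",
        })
        return decision


def build_demo() -> Rbac:
    """Constructed scenario: helpdesk staff may read files X and Y."""
    rbac = Rbac()
    for user in ("tom", "dick", "harry"):
        rbac.grant_role(user, "helpdesk")
    rbac.allow("file X", "read", "helpdesk")
    rbac.allow("file Y", "read", "helpdesk")
    return rbac


if __name__ == "__main__":
    rbac = build_demo()
    print(rbac.check("tom", "file X", "read"))   # True: tom holds helpdesk
    rbac.revoke_role("tom", "helpdesk")          # tom leaves: one change
    print(rbac.check("tom", "file X", "read"))   # False, ACLs untouched
    print(rbac.check("tom", "file Y", "read"))   # False for file Y as well
    for entry in rbac.audit:
        print(entry)                             # each entry names "tom"
```

Note that `acl` is never modified when Tom leaves; only `role_members` changes, which is the maintenance benefit Glenn points to. The audit entries carry both the individual and the roles held at decision time, which is what lets a forensic reviewer tie a resource access back to a person even though the permission was granted to a role.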
Current thread:
- RBAC question avi (Feb 15)
- Re: RBAC question Glenn and Mary Everhart (Feb 15)
- Re: RBAC question George Capehart (Feb 16)