Secure Coding mailing list archives
RBAC question
From: "avi" <avis () bll co il>
Date: Sun, 15 Feb 2004 16:02:12 +0000
Hello,

This is my first time asking the list, so please bear with me...

According to my understanding of the Role-Based Access Control (RBAC) model, the identified end user is checked against a predefined role, and the process then runs under the context of another predefined "generic" user (the one defined for that specific role), which actually accesses the end resource (a table in a DB, for example).

This means that the end user is not recorded in the DB log, and that poses a problem from an audit perspective. Another concern is that monitoring and debugging tools will display the "generic" user name, so it will be a challenge to tie this process to the end user's activity.

My questions to the list:
- Did I misunderstand the model?
- Any solutions?
- Has anyone else implemented this model? If so, how?

Thank you in advance,
Avi Shvartz

<<<< "Children", I say plainly, "watch out for the baobabs!" >>>>
<<<< The Little prince by Antoine de Saint Exupery. >>>>
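The flow described in the message above, as an added example that is not part of the original post: a role check followed by database access under a per-role generic account, showing what the database log can and cannot attribute. The user names, role names, account names and the per-request correlation tag are all assumptions constructed for illustration.

```python
import uuid

# Constructed sample data: end users, their roles, one generic DB account per role.
USER_ROLES = {"alice": "clerk", "bob": "clerk", "carol": "auditor"}
ROLE_DB_ACCOUNT = {"clerk": "svc_clerk", "auditor": "svc_auditor"}
ROLE_PERMS = {"clerk": {"orders:update"}, "auditor": {"orders:read"}}

db_log = []     # what the database records: only the generic account
app_audit = []  # application-side trail that keeps the end user


def db_execute(db_user, statement, tag=None):
    """Stand-in for the DBMS: it logs the connection login, never the end user."""
    db_log.append({"db_user": db_user, "statement": statement, "tag": tag})


def perform(end_user, permission, statement, correlate=True):
    """Check the end user's role, then run the statement as the role's account."""
    role = USER_ROLES.get(end_user)
    if role is None or permission not in ROLE_PERMS[role]:
        app_audit.append({"end_user": end_user, "permission": permission,
                          "allowed": False, "tag": None})
        raise PermissionError(f"{end_user} lacks {permission}")
    # Assumption: the application passes a per-request tag down to the DB layer.
    tag = uuid.uuid4().hex if correlate else None
    app_audit.append({"end_user": end_user, "permission": permission,
                      "allowed": True, "tag": tag})
    db_execute(ROLE_DB_ACCOUNT[role], statement, tag)
    return tag


def attribute(db_entry):
    """Resolve a DB log entry to an end user; None when it cannot be attributed."""
    if db_entry["tag"] is None:
        return None
    for rec in app_audit:
        if rec["tag"] == db_entry["tag"]:
            return rec["end_user"]
    return None
```

Without the tag, two users holding the same role produce identical database log entries; with it, each entry joins back to exactly one application audit record.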