By using a variation of a Role-Based Access Control (RBAC) model and adhering to its principles, we were able to provide a quality security definition that met our business needs. The business needs were essentially to follow the CIA definition of security and be flexible enough to provide a granular solution. Confidentiality, integrity and availability requirements led to various security rules to prevent all user access unless specifically granted. Our logical security roles helped provide a granular solution by separating the users’ duties into small groups. Even with challenges and obstacles the implementation has been successful.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
