Reading: Login and Auth - jacobwendt-401-advanced-javascript/cr-js-401d3 GitHub Wiki

Role-Based Access Control (RBAC)

RBAC restricts network access based on a person's role within an organization and is one of the main methods for access control.

  • Employees are only allowed to access the information necessary to effectively perform their job duties.
  • Access can be based on several factors, such as authority, responsibility, and job competency.
  • Lower-level employees usually do not have access to sensitive data if they do not need it to fulfill their responsibilities.
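A role-to-permission check like the one described above can be sketched in JavaScript as follows. This is an added example, not code from the course or the wiki; the role names, capability strings and the `can`, `requireCapability` and `simulate` helpers are assumptions made for illustration.

```javascript
// Added example: role names and capability strings are assumptions.
// Each role lists only the capabilities its job duties need.
const ROLE_CAPABILITIES = Object.freeze({
  intern:  ['timesheet:read'],
  analyst: ['timesheet:read', 'report:read'],
  hr:      ['timesheet:read', 'payroll:read', 'payroll:update'],
});

// Deny by default: a missing user, an unknown role or an unlisted
// capability all return false. The own-property check stops role values
// such as "__proto__" or "toString" from resolving to inherited members.
function can(user, capability) {
  if (!user || typeof user.role !== 'string') return false;
  if (!Object.prototype.hasOwnProperty.call(ROLE_CAPABILITIES, user.role)) {
    return false;
  }
  return ROLE_CAPABILITIES[user.role].includes(capability);
}

// Express-style middleware factory (req, res, next). Assumes an earlier
// authentication step set req.user from a verified session or token,
// never from client-supplied fields.
function requireCapability(capability) {
  return function (req, res, next) {
    if (!req.user) {
      res.statusCode = 401; // not authenticated
      return res.end('authentication required');
    }
    if (!can(req.user, capability)) {
      res.statusCode = 403; // authenticated, but the role lacks the capability
      return res.end('forbidden');
    }
    return next();
  };
}

// Runs a constructed request through the guard without a web server.
function simulate(user, capability) {
  const res = { statusCode: 200, body: null, end(msg) { this.body = msg; } };
  let reached = false;
  requireCapability(capability)({ user }, res, () => { reached = true; });
  return { status: res.statusCode, reached };
}

console.log(simulate({ role: 'hr' }, 'payroll:read'));     // handler reached
console.log(simulate({ role: 'intern' }, 'payroll:read')); // blocked with 403
```

Routes are guarded by capability rather than by role name, so changing what a role may do is an edit to the table and not to every handler.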

Why is it used?

  • Managing and auditing network access is essential to information security.
  • Access can and should be granted on a need-to-know basis.
  • Reduces administrative work and IT support.
  • Maximizes operational efficiency.
  • Improves compliance.