Read 14 Access Control (ACL) - liz-kavalski-401-advanced-javascript/seattle-javascript-401n13 GitHub Wiki

5 Steps to RBAC (Role-Based Access Control)

  • RBAC is a way to assign access to users based on their role in the company.
  • Access is assigned strictly to the role.
  • In small to medium companies it can become unsustainable.
  • It easier
  • An Access Control List (ACL) is a means of defining the access rights of a given user or user group to a specific object, such as a document.
  • Attribute-based access control (ABAC) — ABAC, sometimes known as policy-based access control, can use a variety of attributes, including user department, time of day, location of access, type of access required, etc. to determine whether a user’s access request should be granted.

RBAC at Rackspace

  • Has Account Owners and Account Users.
  • Account Owner can create, read, update and delete.
  • Roles determine level of access a person may or may not have.
  • Users can have a read-only role, a full access role, or custom roles.
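
The three models from these notes side by side, as an added example that is not part of the original notes and not Rackspace's implementation: RBAC looks up a role-to-permission table (with owner, read-only and custom roles like those listed above), an ACL checks entries stored on the object, and ABAC evaluates attributes of the user and the request. All role names, users, the policy rule and the sample data are constructed assumptions.

```javascript
// RBAC: permissions attach to roles, never directly to users.
// A Map avoids accidental hits on inherited keys such as "constructor".
const ROLE_PERMISSIONS = new Map([
  ['account-owner', ['create', 'read', 'update', 'delete']], // full access
  ['read-only', ['read']],
  ['support-custom', ['read', 'update']], // a custom role (hypothetical)
]);

function rbacAllows(user, action) {
  // Default deny: an unknown role resolves to an empty permission list.
  return user.roles.some((role) => (ROLE_PERMISSIONS.get(role) || []).includes(action));
}

// ACL: the object itself lists which users or groups hold which rights.
function aclAllows(user, action, object) {
  return object.acl.some(
    (entry) =>
      (entry.user === user.name || user.groups.includes(entry.group)) &&
      entry.rights.includes(action)
  );
}

// ABAC: a policy evaluates attributes (department, time of day, location).
// Constructed rule: finance staff in the office may read at any time,
// but may perform other actions only between 09:00 and 17:00.
function abacAllows(user, action, context) {
  const inBusinessHours = context.hour >= 9 && context.hour < 17;
  return (
    user.department === 'finance' &&
    context.location === 'office' &&
    (action === 'read' || inBusinessHours)
  );
}

// Constructed sample data.
const owner = { name: 'alice', roles: ['account-owner'], groups: ['admins'], department: 'finance' };
const viewer = { name: 'bob', roles: ['read-only'], groups: ['staff'], department: 'sales' };
const report = {
  acl: [
    { group: 'admins', rights: ['read', 'update'] },
    { user: 'bob', rights: ['read'] },
  ],
};

console.log('RBAC viewer update:', rbacAllows(viewer, 'update'));
console.log('ACL viewer read:', aclAllows(viewer, 'read', report));
console.log('ABAC owner update at 20:00:', abacAllows(owner, 'update', { hour: 20, location: 'office' }));
```

Every check denies by default: a role, ACL entry or attribute that is missing results in no access rather than an error or an implicit grant.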