Role-based Access Control: New Relevance with Cloud Computing

Role-based access control (RBAC) is an approach to restricting system access to authorized users. It prevents users from accessing parts of the system or parts of the data depending on their designated “role.” RBAC is used by the majority of large companies, but is highly beneficial for smaller to mid-sized companies seeking to have more control over their data systems, notably if those systems are cloud-based.

RBAC can implement mandatory access control (MAC) or discretionary access control (DAC). Determining if RBAC is needed is part of the requirements gathering process, which we blogged about recently. While it is optional to have RBAC, we find through the discovery and requirements process that most of our clients require some form of role-based access to manage the technology and to ensure data integrity.

RBAC Roles

Typical types of role-based access include:

  • Administrators: Ability to modify how the system operates.
  • Users: Those that use the system to input and/or view data.
  • Managers: Those who use the system to view data in aggregate or to view individual data for specific system users.

Administration is a vital component that is often overlooked. Administration allows business users (based on their role-based access) to modify how the system operates within defined parameters. Here are some examples:

  • Adding new users
  • Modifying existing users role-based permissions
  • Changing a target KPI

The main goal for administration is to eliminate the need to involve a developer in order to change defined aspects of the system. This frees developers up to focus on more complex tasks like adding new functionality or creating new outputs for enhanced analysis and reporting.

RBAC and Cloud Computing
With the rapid adoption of cloud computing, RBAC has become increasingly important. According to Rackspace when it comes to the cloud, it helps to:

  • Minimize downtime and accidental changes to cloud resources.
  • Helps to synchronize cloud product access to the functions of an employee’s job.
  • Prevents unauthorized access to cloud product through the sharing of administrative credentials.

We hope you have found this information on RBAC helpful. For more information on developing web-based applications that incorporate RBAC, download our free eBook – Discover. Build. Launch. A Playbook for Uplifting and Inefficient System into a Web-based Application that Meets Your Business Goals.

Leave a Comment