Skip to content
Search
Glossary Listing

What is Role-Based Access Control (RBAC)?

What is Role-based Access Control (RBAC)?

Role-based access control (RBAC) is a security mechanism for limiting access to systems and resources based on a user’s “role.” The goal of RBAC is to prevent security breaches and protect critical systems by managing identity roles and access privileges.

Traditional role-based access controls (RBAC) restrict access to individual resources and assign a user to a pre-defined role, often based on job function. The role can access or change the data in the resource assigned to it but cannot access resources not assigned to the role.

Typically RBAC is defined with high-level, coarse-grained access controls, which allow organizations to quickly and easily define permissions over a breadth of resources. This makes it easy to implement, though it doesn’t allow for the precision of restrictions required by many regulations. Coarse-grained RBAC can’t limit access on a fine-grained basis to prevent accidental disclosures and maintain data privacy and security.

Resources