What is an RBAC system?

An access control system is used to restrict a user's access to the components within an application. In a Role Based Access Control system this access is defined for user groups (or 'roles') instead of individual users.

Some applications allow any user to access them, with automatic access to every function within them. Other applications may be restricted to a limited set of users, and this requires some sort of security mechanism. This usually starts with a logon screen into which a user must enter a valid combination of user-id and password before being allowed to continue. This list of users is dynamic, which means that it has its own database table and maintenance screens.

In some applications it may be a requirement that even though an individual may be able to access the application, that individual may not be able to access every function within the application. This requires a more sophisticated security mechanism. As well as the "what" table (functions and menus) and the "who" table (users) we now need a "who has access to what" table (known as a security profile or access control list), and another set of maintenance screens. As groups of users may require the same security profile it makes sense to apply security controls at the group level and have those controls automatically inherited by every user within that group instead of applying those controls to individual users. These "user groups" may be referred to as "security classes" or "roles", hence the name Role Based Access Control.

In some RBAC systems the security checking is performed within each function as soon as it is activated, and depending on the results of this security check the function may either continue or terminate with a suitable error message. This means that the user does not know that access to that function is disallowed until after it has been selected. In a more user-friendly system, as in RADICORE, all security checking is performed before the list of possible options is displayed to the user so that all inaccessible options can be automatically filtered out of the list. This means that what is visible is accessible, and what is inaccessible is invisible.

As well as denying access to complete tasks to certain groups of users, there is also the ability to specify restrictions down to the field-within-a-task level. You can make a field display-only for certain users, or you can remove it from the screen altogether for certain users.
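The following is an added example, not RADICORE's own code: it builds the "who", "what" and "who has access to what" tables described above in an in-memory SQLite database, filters the menu before display, and applies field-level restrictions. All table, column, task and user names are hypothetical and the data is constructed. The re-check when a task is activated is an assumption of this example, included because a filtered menu on its own does not stop a direct request for a task.

```python
import sqlite3

# Constructed schema and sample data; all table and column names are
# hypothetical, not RADICORE's own.
SCHEMA = """
CREATE TABLE role (role_id TEXT PRIMARY KEY);
CREATE TABLE app_user (user_id TEXT PRIMARY KEY, role_id TEXT NOT NULL);   -- "who"
CREATE TABLE task (task_id TEXT PRIMARY KEY, label TEXT NOT NULL);         -- "what"
CREATE TABLE role_task (role_id TEXT, task_id TEXT,          -- "who has access to what"
    PRIMARY KEY (role_id, task_id));
CREATE TABLE role_task_field (role_id TEXT, task_id TEXT, field TEXT,
    access TEXT CHECK (access IN ('display_only', 'hidden')),
    PRIMARY KEY (role_id, task_id, field));
INSERT INTO role VALUES ('clerk'), ('manager');
INSERT INTO app_user VALUES ('alice', 'manager'), ('bob', 'clerk');
INSERT INTO task VALUES ('emp_list', 'List employees'),
    ('emp_upd', 'Update employee'), ('emp_del', 'Delete employee');
INSERT INTO role_task VALUES ('manager', 'emp_list'), ('manager', 'emp_upd'),
    ('manager', 'emp_del'), ('clerk', 'emp_list'), ('clerk', 'emp_upd');
INSERT INTO role_task_field VALUES ('clerk', 'emp_upd', 'salary', 'hidden'),
    ('clerk', 'emp_upd', 'grade', 'display_only');
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def visible_tasks(db, user_id):
    """Menu filter: list only the tasks granted to the user's role."""
    rows = db.execute(
        "SELECT rt.task_id FROM app_user u "
        "JOIN role_task rt ON rt.role_id = u.role_id "
        "WHERE u.user_id = ? ORDER BY rt.task_id", (user_id,))
    return [r[0] for r in rows]

def can_run(db, user_id, task_id):
    """Re-check at activation (added here); unknown users or tasks are denied."""
    return task_id in visible_tasks(db, user_id)

def screen_fields(db, user_id, task_id, fields):
    """Drop hidden fields and mark display-only ones; None if the task is denied."""
    if not can_run(db, user_id, task_id):
        return None
    rules = dict(db.execute(
        "SELECT f.field, f.access FROM role_task_field f "
        "JOIN app_user u ON u.role_id = f.role_id "
        "WHERE u.user_id = ? AND f.task_id = ?", (user_id, task_id)))
    return {f: "read" if rules.get(f) == "display_only" else "edit"
            for f in fields if rules.get(f) != "hidden"}
```

Because access is granted per role, a user with no row in the access table, or an unknown user, gets an empty menu and every task is denied by default.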

The system used within RADICORE has a design document and a separate user manual.

Published: 09 April 2006