Online Training and Content Provider | Download |
Role engineering is the process of defining roles and related information such as permissions, constraints and role hierarchies, as they pertain to the user's functional use of systems, applications and business processes. Access to resources (online and hardware) is primarily business-driven and roles are defined based on the responsibilities of a given job function. Roles are defined by reviewing organizational business and job functions and mapping the permissions for each job function. This approach provides business oversight and alignment of roles with business functions and re-usability. Customer's requirement was to define, design, build and deploy Role Based Access Control (RBAC) to the facilities, applications and hardware that are both time and location bound.
SolutionAs part of the initial system analysis study, PERI met with the business group and management authorities to define the roles and provide an Entitlements Role Based Map - Role to Resource Mapping. Based on the client needs, PERI assisted in building and implementing RBAC solution to ensure proper identity and access management and completed the following tasks. .
- Define scope and boundaries
- Identify access policies to determine entitlements for any given job responsibility
- Group user access based on privileges corresponding to the job functions
- Ensure that the system has no mutually exclusive roles assigned to the same person
- Create role hierarchies to help simplify role definitions by grouping multiple roles
- Integrate roles into existing IdM solutions deployed by the client
Role-Based Access Control
Role-based access control (RBAC) will be used for managing entitlements. RBAC simplifies entitlement management by using roles (as opposed to users) as authorization subjects. Integrating RBAC as an integral part of any Identity and Access Management (IAM) initiative is the key to ensure success in RBAC deployments. RBAC also reduces the risks of users having inappropriate access privileges and aggregating entitlements as they change job functions.