On 6 November 2013 20:53, Caleb Cushing <xenoterrac...@gmail.com> wrote:
> "Role Based Access Control" Exactly, even in the global contexts of the definition of "Role" in human language, Role is simply one, of a list of many methods, to provide an access control mechansim. That is to say, "Role" does not infer "access control". ie: You're providing a mechanism for access control, and the mechanism is applied using the role approach. It is not that it is a role that is the distinguishing character, it is that it is an access control mechanism. The reason you need to seperate the word "Role" from the mental model, is that non-roles are required to make it work, for instance, RBAC may need a way of authenticating the user somehow, whether it be integral, or externally governed. -- Kent
