What is Role Based Access Control (RBAC) and why do we care?
RBAC allows you to assigns roles that associate those roles with access & operations that can be performed by those roles to protect resources & functionality.
Describe a Role/Permission heirarchy that you might implement using RBAC.
Admin: Access to everything
Creator: Can add & edit their own resources
User: Can view public resources
What approach might you take to implement RBAC?
Create a heirarchy or resources & functionality, and then group those into tiers of access that you associate with specific roles based on your needs.
If Authentication is “you are who you say you are,” what is Authorization?
Authorization determines what an authenticated user is allowed to access.
Name three primary rules defined for RBAC.
ROle assignmnet, role authorization, permission authorization
Describe RBAC to a non-technical friend.
RBAC allows you to create a system which assigns abilities and access within a system to specific user types.
What Are access rights Associated with? The User? or The Role? Explain.
The role has access rights associated with it, and users have roles assigned to them to provide them those rights.
Access Rights, or Authorization, is activated after a user successfully does what?
Authenticates within the system
Explain how RBAC might benefit a business.
RBAC allows a business to create