RBAC
RBAC is an access control model where permissions are assigned to roles (not directly to users), and users are granted access by being assigned to one or more roles.
⚙️ How Does It Work?
Administrators define roles with specific entitlements. Users are assigned roles matching their job function. When a user's role changes, permissions change automatically.
📍 Where Is It Used?
The dominant access control model in enterprise applications, operating systems, cloud platforms, and databases.
💡 Real-World Example
A hospital defines roles: Doctor (read and write patient records, order medications), Nurse (read records, administer medications), Admin (schedule only). When a nurse is promoted to doctor, her role changes and all permissions update instantly.
🔗 Related Terms
Stay Ahead in Identity Security
Get weekly IAM, PAM & IGA insights via Identity Pulse.
Subscribe to Identity Pulse →