1.4 - Why is ANSI RBAC Important?

  • Enforces the concept of least privilege. Granting users business functionality doesn't imply that entitlements may be used at any time. For example, a bank teller shouldn't withdraw money from customer accounts outside of normal business hours, and freelance contractors don't require access to production resources to do their jobs.

  • Enables regulatory compliance. Who has been granted authority to the most important resources? How can we be certain that terminated employees and customers no longer have access to controlled resources?

  • Enforces separation of duty policies. For example, traders must not be regulators, and purchasing agents cannot approve transactions.

  • Reduces administration costs by eliminating redundant resources. Enables administrative tasks to be delegated to business units.