Role Based Access Control

Role Based Access Control

Post by Rick Ku » Sat, 26 Oct 1996 04:00:00

One of the most challenging problems in managing large networked
systems is the complexity of security administration. Today, security
administration is costly and prone to error because administrators
usually specify access control lists for each user on the system
individually. Role based access control (RBAC) is a technology that is
attracting increasing attention, particularly for commercial
applications, because of its potential for reducing the complexity and
cost of security administration in large networked applications.

NIST has established a Web site that provides information on RBAC
security and software.  The address is

Topics include:

- Introduction to RBAC
- RBAC for Web Servers
- RBAC in Health Care

NIST RBAC software for the projects described is available at no charge.  


  Rick Kuhn                                 Telephone:    +1 301 975 3337
  Natl Institute of Standards & Technology  Fax:          +1 301 926 3696

  Gaithersburg, Maryland  20899  USA