Question 3
A system administrator has created the following 'array' as an access control for an organisation.
Developers: create files, update files.
Reviewers: upload files, update files.
Administrators: upload files, delete fifes, update files.
What type of access-control has just been created?
Task based access control.
Role based access control.
Rule based access control.
Mandatory access control.
Correct answer: B
Explanation:
The access control method described is Role-Based Access Control (RBAC). In RBAC, access permissions are based on the roles within an organization, and users are assigned to these roles based on their responsibilities and qualifications. Each role has a defined set of access permissions to perform certain operations. This method simplifies management and ensures that only authorized users can perform actions relevant to their role. For instance, 'Developers' can create and update files, 'Reviewers' can upload and update files, and 'Administrators' have the rights to upload, delete, and update files. This aligns with the RBAC model where permissions are grouped by role rather than by individual user, making it easier to manage and audit.
The access control method described is Role-Based Access Control (RBAC). In RBAC, access permissions are based on the roles within an organization, and users are assigned to these roles based on their responsibilities and qualifications. Each role has a defined set of access permissions to perform certain operations. This method simplifies management and ensures that only authorized users can perform actions relevant to their role. For instance, 'Developers' can create and update files, 'Reviewers' can upload and update files, and 'Administrators' have the rights to upload, delete, and update files. This aligns with the RBAC model where permissions are grouped by role rather than by individual user, making it easier to manage and audit.