Identity & Access Management
Security Congress Abstract
In the context of identity and access management, role-based access control (RBAC) and lately attribute-based access control (ABAC) has been widely used by enterprises across all industries. RBAC is simple to maintain and start with; whereas, ABAC can be easily automated, based on a well-maintained repository of personnel information. But the disadvantage of both these methods of access control becomes obvious when the number of roles increase in large organization. CBAC (context-based access control) doesn’t compete with ABAC. In fact, it complements it. CBAC reduces the number of roles and makes it a lot easier for users to request meaning ful roles to request using an identity and access management tool.