Role Based Access Control (RBAC)

Identity and Access Management (IAM) Role Based Access Control (RBAC) is an effective security framework that enables organizations to efficiently manage access rights within their IT systems.

RBAC is a feature of IAM systems that secure the access of users to certain resources or applications on the basis of their individual roles within an organization. This system helps organizations maintain an appropriate level of security by limiting user access to the resources they need for their job roles.

RBAC helps organizations to simplify and streamline access control processes. This is done by mapping users, or groups of users, with specific roles, and assigning privileges based on that role. As a result, organizations can quickly grant or restrict access rights on an individual basis without having to go through a lengthy authorization process.

This not only helps to improve security, but also saves time and resources by reducing the amount of manual work required for access control processes.

IDHub Role Based Access is a flexible and powerful tool used to assign resources to users based on their attributes.

IDHub admins are the only users who have access to the Role Based Access tool.

Below are the features available to admins:

• Wizard-Based Role Creation
• Conditional Based Role Queries
• Birthright Roles
• Bulk Role Upload Tool
• Manage Roles
• Easy Creation With No Technical Experience Needed

IDHub makes it easy to manage Role based permission to new users, by providing an option to automatically assign a set of Roles while onboarding all users, or specifically defined users.

Taking it a step further, IDHub has an advanced Role Condition feature.

Role Conditions assist with determining various scenarios, through a configured set of rules or Conditions.

IDHub uses conditional rules to automatically assign Birthright Access to newly onboarded users with the Role Condition Query. This query allows us to combine multiple conditions using and/or, to form the query.

IDHub offers a unique Bulk Role Upload feature, that allows admin to quickly and efficiently upload multiple roles in a few simple clicks, saving valuable organizational time and resources.

The bulk upload feature provides admins with a CSV template for easy data entering.

Admins can easily follow our IDHub how to guide, to ensure accuracy while perform the upload.

Attribute-Based Access Control (ABAC) varies slightly from Role-Based Access Control (RBAC). RBAC provides user access to resources, based on Role assignment, where ABAC provides user access to resources, based on resource attributes and user attributes.

However IDHub can accommodate both simultaneously.

Attributes can include name, email, location, operating system, time of day, network, security clearance, or device type.

This added layer of security allows systems to have more granular control over its users, and protect against outsiders using a compromised user account maliciously.

IDHub includes many out-of-the-box schema attributes. Any custom attribute can be created and added to the schema.

Suppose a user is newly onboarded, has a job title change, a department change, or a location change.

IDHub will recognize the user attribute change, and automatically grant or revoke Role access according to the conditions configured within the Roles.

IDHub matches the resource attributes within the Role, against the user account information, then appropriately provisions or deprovisions the resources which are assigned to the Role.