Attribute-Based Access Control (ABAC) varies slightly from Role-Based Access Control (RBAC). RBAC provides user access to resources, based on Role assignment, where ABAC provides user access to resources, based on resource attributes and user attributes.
However IDHub can accommodate both simultaneously.
This added layer of security allows systems to have more granular control over its users, and protect against outsiders using a compromised user account maliciously.
IDHub includes many out-of-the-box schema attributes. Any custom attribute can be created and added to the schema.
Location Based Access Control
Suppose a user is newly onboarded, has a job title change, a department change, or a location change.
IDHub will recognize the user attribute change, and automatically grant or revoke Role access according to the conditions configured within the Roles.
IDHub matches the resource attributes within the Role, against the user account information, then appropriately provisions or deprovisions the resources which are assigned to the Role.
Role Based Permissions
Role-based permissions refer to the practice of assigning access rights and privileges to users based on their roles within an organization.
Instead of granting permissions to individual users, permissions are associated with specific roles, and users are then assigned to those roles.
This approach simplifies access control and administration, as users with similar responsibilities or functions share a common set of permissions tied to their roles, making it easier to manage and maintain security.