A content management system is a computer software system for organizing and facilitating collaborative creation of computer resources. A computer resource refers to a computer media file, a computer program, a computer document, or any other computer content. A content management system is frequently a web application used for managing websites and web content, though in many cases, content management systems require special client software for editing and constructing resources.
In role-based access control (RBAC) systems, access to a computer system is provided to groups of users, termed “roles.” All users belonging to a given role have the same privileges to access the system. Users are then granted access depending on their membership in appropriate roles.
RBAC is considered useful in many commercial environments because it allows access to the computer system to be organized along lines corresponding to the actual duties and responsibilities of individuals within commercial organizations. Various types of access privileges can be organized as a function of role assignments. A particular advantage of RBAC is that it allows the access privileges provided to users to be reconfigured as the individuals change roles, simply by deleting one's original assignment to a first role and adding one to the new role.
A problem in adapting RBAC to a content management system is that when a resource is added to the content management system, the access privileges related to the resource must be assigned to a particular role or set of roles. Thus, a system administrator must manually assign these privileges when a resource is added to the system. This is cumbersome and in many instances impractical for a large and dynamic system. What is needed is RBAC for a content management system that is dynamic and easily scalable as resources are added to the content management system.