The administration of services in organizations is becoming increasingly resource intensive and complicated because of the many services deployed in and across the enterprise. Role-based access control (RBAC) is an alternative methodology in which administrators and users are assigned to roles that correspond to job functions. Users acquire permissions through their roles and are therefore not assigned permissions directly. While users and permissions may change frequently, roles are comparatively stable, which simplifies administration.
An administrator can modify a role, but over a period of time, and perhaps several role modifications, it becomes difficult to know whether the role now carries a smaller or a larger set of permissions. Permission auditing is therefore problematic. In an access control list (ACL) regime such a modification is performed by adding access control entries, which are difficult to audit. In RBAC, modification is accomplished by adding and removing actions; however, there is no mechanism that ensures consistency and ordering between roles. In other words, permission auditing is a reactive measure, performed once an accident has been found and unintended access to extremely important objects has already been granted. A new role modification or ACL can still accidentally override previously set permissions.
Although the general RBAC model may work adequately for the general application, administration lacks the ability to provide more focused role management for specific individuals, for example to exclude certain objects, such as the accounts of high-level employees and managers like company executives. The RBAC model offers filtering as an approach to more focused administration; however, each time a new scope is defined a new filter must be added that excludes such objects. This is a burdensome and error-prone effort. Moreover, a new administrator may not be aware of such restrictions and may impose rules and roles that mishandle these objects.
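The two problems described above, role drift that is only discovered after the fact and a protected set of objects that a later administrator does not know about, can be made concrete in a small model. The following is an added example, not code from the original text: a toy RBAC store that records every role modification, computes each user's effective permissions, diffs two snapshots taken before and after a series of changes, and flags any gained permission whose object is in a constructed protected set (here a single executive mailbox). All role, user and object names are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set, Tuple

Permission = Tuple[str, str]                  # (action, object)
Snapshot = Dict[str, FrozenSet[Permission]]   # user -> effective permissions


@dataclass
class RBAC:
    """Minimal RBAC store: users hold roles, roles hold permissions."""
    roles: Dict[str, Set[Permission]] = field(default_factory=dict)
    users: Dict[str, Set[str]] = field(default_factory=dict)
    # Objects that no role-level change may reach without being flagged
    # (constructed for the example; a real deployment would source this list).
    protected: Set[str] = field(default_factory=set)
    # Every modification is recorded so drift can be reconstructed later.
    log: List[Tuple[str, str, Permission]] = field(default_factory=list)

    def assign(self, user: str, role: str) -> None:
        self.users.setdefault(user, set()).add(role)
        self.roles.setdefault(role, set())

    def grant(self, role: str, action: str, obj: str) -> None:
        self.roles.setdefault(role, set()).add((action, obj))
        self.log.append(("grant", role, (action, obj)))

    def revoke(self, role: str, action: str, obj: str) -> None:
        self.roles.setdefault(role, set()).discard((action, obj))
        self.log.append(("revoke", role, (action, obj)))

    def effective(self, user: str) -> FrozenSet[Permission]:
        """Permissions a user holds through all of the roles assigned to them."""
        return frozenset(p for r in self.users.get(user, ())
                         for p in self.roles.get(r, ()))

    def snapshot(self) -> Snapshot:
        return {u: self.effective(u) for u in self.users}


def diff_snapshots(before: Snapshot, after: Snapshot
                   ) -> Dict[str, Tuple[FrozenSet[Permission], FrozenSet[Permission]]]:
    """Per-user (gained, lost) permissions between two snapshots.

    Answers the question the text raises: after several modifications,
    did a user's effective permission set grow or shrink, and by what?
    """
    out = {}
    for user in set(before) | set(after):
        b = before.get(user, frozenset())
        a = after.get(user, frozenset())
        if a != b:
            out[user] = (a - b, b - a)
    return out


def protected_grants(delta, protected: Set[str]) -> List[Tuple[str, Permission]]:
    """Gained permissions whose object is protected: the accident to catch
    at modification time rather than after access has already been used."""
    return sorted((u, p) for u, (gained, _) in delta.items()
                  for p in gained if p[1] in protected)


def demo() -> dict:
    """Two administrators modify the same role over time; audit the drift.

    All data here is constructed for the example.
    """
    rbac = RBAC(protected={"mailbox:ceo"})
    rbac.assign("bob", "helpdesk")
    rbac.grant("helpdesk", "read", "mailbox:alice")
    rbac.grant("helpdesk", "reset_password", "user:alice")
    baseline = rbac.snapshot()

    # First administrator: one grant and one revoke, net size unchanged.
    rbac.grant("helpdesk", "read", "mailbox:carol")
    rbac.revoke("helpdesk", "reset_password", "user:alice")
    # Second administrator, unaware that executive mailboxes are excluded.
    rbac.grant("helpdesk", "read", "mailbox:ceo")

    delta = diff_snapshots(baseline, rbac.snapshot())
    gained, lost = delta["bob"]
    return {
        "gained": set(gained),
        "lost": set(lost),
        "net_change": len(gained) - len(lost),
        "flagged": protected_grants(delta, rbac.protected),
        "log_length": len(rbac.log),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The diff is computed on effective permissions per user rather than on the role definition alone, because a user who holds several roles can gain access through any of them; the protected-object check is applied to the diff so that it does not have to be re-expressed as a separate filter each time a new scope is defined.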