RBAC Reference Model:
Core RBAC
Hierarchical RBAC
Static separation of duty relations
Dynamic separation of duty relations
Advantages of RBAC:
Authorization management is convenient. If the system administrator needs to modify system settings and other content, there must be several users with different roles present for the operation to ensure security.
The roles of financial personnel can be distinguished based on work requirements. For example, employees of the financial and non-financial departments of the enterprise can access the company's financial services.
It is easy to grant minimum privileges. Even if a user is granted a senior identity, it may not be necessary to use it to reduce losses. Only the user can have privileges if necessary.
It is easier for tasks to share different roles to complete different tasks.
To facilitate hierarchical file management, files can be divided into different roles, such as mail bills, which are owned by users of different roles.