Access control in information systems regulates what a user can do directly, and what that user’s programs are allowed to do. System administrators have to implement access control mechanisms to protect the confidentiality and integrity of applications and its data. In other words, a subject (user and process) is given access to the information (data and programs) executing the operations (read, write, delete and execute) that respect the access rules.
A role-based access control (RBAC) model has the following qualities:
- Regulates the access of users to information based on activities that the users perform in a system.
- Roles in Aureum are identified.
- Each user has a user profile which defines her role in an organization.
- A role is a set of permissions that allows execution of organization functions and access to data used by these functions.
Example: Aburaya Corporation
Consider a fictional company called Aburaya Corporation. Joyce is the director of the new advanced analytics department, which uses Aureum to manage its data access. When administrative functions are performed on a system, there can be big consequences: Joyce has to make sure her employees can perform only those operations for which they have been trained. She groups her employees by their roles and wants to manage a small number of roles instead of a large number of users.
Upon starting the department, she creates her own Aureum account and uses it by herself. Joyce uses the Aureum account’s security credentials to create a user for herself called Joyce, and a group called Admins. She gives the Admins group the permissions it needs to administer users, groups and permissions for the Aureum account, and she gives the Admins group permissions to perform all actions on all the Aureum account’s resources (for example, root privileges).
She then attracts employees to work for her as developers, admins, analysts, managers and system administrators. Joyce creates a group called AllUsers so she can easily apply any account-wide permissions to all users. She adds herself to the group. She then creates a group called Developers, a group called Analysts, a group called Managers and a group called SysAdmins. She creates users for each of her employees, and puts the users in their respective groups. She also adds them all to the AllUsers group.
To provide “perimeter” control, Joyce adds a policy to the AllUsers group that denies any Aureum request from a user if the originating IP address is outside Aburaya’s corporate network.
At Aburaya, different groups require different permissions:
- System Administrators:They need permission to create and manage Aureum, storage classes, replication cardinalities, media, security groups and so on. Joyce adds a policy to the SysAdmins group that gives members of the group permission to use all the Aureum actions.
- Developers: They need the ability to work with subdirectories. Joyce therefore adds a policy to the Developersgroup that allows developers to call mkdir, ls, chmod, user, mv, cp, and cd.
- Managers: They should not be able to perform any Aureum actions except adding media and storage classes. Therefore, Joyce adds a policy to the Managersgroup that only lets them call media management APIs.
The Aureum administration GUI is designed so that it’s quick and easy to set up systems even for a large number of users. Adding users later on with the appropriate permissions is as easy as assigning them to an existing group.