This document introduces role-based access control
(RBAC), as applied to large user populations with access
to multiple systems and applications. It is organized into
the following sections:
- RBAC concepts, including real-world considerations such as exception
- Business drivers for adopting an RBAC entitlement management
strategy, including when RBAC is appropriate.
- Strategy for migrating an organization from direct assignment of
entitlements to access administration with roles.
- Processes required to sustain an RBAC strategy, post-deployment.
- Organizational impact of an RBAC entitlement management