When a Role incorporates privileges that span multiple systems, it is more properly referred to as a Meta Role, and the infrastructure to manage user privileges as Meta-RBAC.

For example, a Meta Role for a basic employee might include an Active Directory user object, an Exchange mailbox, a mainframe login ID and membership in a dozen security groups on these systems.

Return to IT Security Concepts