Nowadays, software systems in many organizations are becoming highly integrated with, and part of, daily activities. This increased degree of integration raises demands on the ease of management and administration of software systems. At the same time as various systems more and more become integral parts of the activities of an organization, the organization becomes increasingly dependent on the systems. This increased dependency puts security requirements in focus.
Role-based access control, RBAC, is a paradigm that meets modern demands on integration and ease of administration for one aspect of security, access control. RBAC is also appealing as the main idea is intuitively simple and easy to grasp; permissions are given to roles, and roles are assigned to users as necessary.
In this chapter we discuss the concept of role and how this concept can be used for purposes of access control. Further, in chapter 5, we report on experience from how RBAC can be introduced into existing systems by creating an RBAC-aware NFS server.