Data Management methodologies – an introduction into ABAC, FGAC and RBAC
This article has been supplied as a media statement and is not written by Creamer Media. It may be available only for a limited time on this website.
By Gary Allemann, Managing Director at Master Data Management
Data security and access management are highly technical topics that have largely been left to the Chief Information Security Officer and his team. While the PoPIA commencement date came into effect from 1 February 2022, more stakeholders need to understand the basic access control approaches available to them. This is where Role-based Access Control (RBAC) can assist organisations to simplify the process and ensure compliance.
What is RBAC?
RBAC restricts network or system access based on a person’s or account’s role within an organisation, and Lightweight Directory Access Protocol (LDAP) is a commonly used protocol to implement an RBAC methodology.
RBAC is intended to ensure that employees only access systems that are required for them to do their jobs. Access can be based on factors such as authority, responsibility and job competency, and access to data resources can be limited to specific tasks, such as the ability to view, create, modify or delete a file. Overall, RBAC is popular because it reduces the need to assign privileges to individuals.
However, by its nature, RBAC has some limitations that impact its use to implement protection of sensitive information, particularly in large, complex organisations. Most critically, RBAC is applied to users, not to objects or operations, and while access can be restricted to certain systems, RBAC does not limit access to data within systems.
What is ABAC?
Attribute-based Access Control (ABAC) is a model that has evolved from RBAC that addresses some of these shortcomings, and grants access based on an evaluation of the characteristics of attributes, rather than roles. A central data access policy defines which combination of a user (role) and object attributes is required for access.
The key benefit of ABAC is that data is protected at a granular level, and the model can be used to define far more complex access policies, protecting individual data elements – such as an ID Number, Credit Score, or HIV Status. However, this flexibility can be hard to manage without a centralised dynamic access management platform that can identify sensitive data and apply policies dynamically.
What is FGAC?
Fine-Grained Access Control (FGAC) is another term for ABAC as it speaks to the ability of the ABAC methodology to provide fine-grained access. RBAC can also be thought of as course grained.
Organisations can look to implement the RBAC system to meet confidentiality and privacy regulations and regulatory requirements. This is because executives and IT departments have more effective control nowadays over how data is accessed and used.
Comments
Press Office
Announcements
What's On
Subscribe to improve your user experience...
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation