Skip to main content
Please wait...

RBAC Policy-Enhanced (ANSI 494-2012) Published

RBAC Policy-Enhanced (ANSI 494-2012) is now published (5 years in development). An Identity Management standard for the 21st century. Information Technology - Role Based Access Control - Policy-Enhanced

Role Based Access Control (RBAC) has been criticized for the difficulty of setting up an initial role structure and for inflexibility in rapidly changing domains. A pure RBAC solution may provide inadequate support for dynamic attributes, such as time of day, which might need to be considered when determining user permissions.

This RBAC Policy-Enhanced standard (to be referenced as RPE) provides a framework and functional specifications to handle the relationship between roles and dynamic constraints. Some of the administrative and user permission review advantages of RBAC are retained while allowing the access control system to work in a rapidly changing environment


About SecurityFeeds

SecurityFeeds Logo

Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry.  Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.