What is the difference between Role Based Access Control (RBAC) and Group Based Acess Control (GBAC)?

In Group Based Access Control every group has certain access rights defined for it. Any user who is added to the group will automatically inherit those access rights. For example, an individual added to the 'Marketing' group will automatically inherit access rights to applications available for this group.

In Role Based Access Control different roles are created which has pre-defined access rights. Any person who is assigned this role will automatically inherit the access rights defined with that role.

For example, an individual assigned a role of 'Junior Sales Engineer' might inherit access to information of a particular customer however the role of 'Vice President of Sales' will inherit the access to information of all the customers. 

The major difference between GBAC and RBAC is that GBAC is aligned along the identities of users and RBAC is aligned along the activities of users.

  • 33
  • 12-Mar-2014