Category Archives: Roles Based Access Control (RBAC)

Which RBAC Approach Is Better: Top-Down or Bottom-Up?

Role Based Access Control (RBAC) projects are generally organized in one of two RBAC approaches: top-down (start with the business roles) or bottom-up (start with the user data and technical roles) and use that information to work up to insights. …Read More

RBAC Approach

Top IAM, RBAC, and Cybersecurity Articles from 2018

What were Identity & Access Management and Cybersecurity experts reading in 2018? Let’s take a look back at our most well-received articles from 2018. They fall into three categories: Identity Management, role based access control, and cybersecurity risk. Here are the …Read More

cybersecurity articles from 2018

Part 2: Defining Roles for IAM – From the Bottom Up

We believe that a two-pronged approach to roles definition is the key to implementing Role Based Access Control (RBAC) successfully. While there are tools that can automate the ‘bottom up’ approach, the old adage “Garbage In, Garbage Out” applies. If …Read More


Defining Roles: The Top-Down Process in Practice

Our path to well-defined roles begins with the system owner who evaluates the applications and which users should have access. When he determines that a group does not belong, for example, the accounting folks should not be on a particular …Read More

Roles Definition- Part I