✔ To solve the role explosion challenge, EmpowerID provides a unique two-trees or “polyarchical” RBAC approach. The top tier or Business Role tier describes a user’s position in the organization in combination with a hierarchical Organizational Location representing where within the organization or in which context the user performs their Business Role. This position is visualized as two trees with people assigned to one or more Business Roles combined with an Organizational Location. A person’s Business Roles bundles up direct technical entitlements and, more commonly, Task or Activity-Based roles. ✔ Benefits of Business Roles and Locations:Business Roles and Locations provide a familiar and commonly accepted grouping mechanism that non-technical users of the system can recognize and easily navigate. The structure can be mapped to the organizational structure of the business. Provides an anchor point for mapping external roles and locations from connected systems so that the master person identities can be provisioned into a business structure Business Roles and Locations can be architected to leverage powerful and complex inheritance relationships to allow you to anchor common access and policy assignments very efficiently at varying inheritance levels. Inheritance eliminates the need to create unnecessary duplicate assignments. Provides a structure for rolling up multiple and varied assignments to a common anchor point allowing the administrator to accumulate widely varying types of assignments and policies to an easily recognized business structure.
✔ Combining Business Roles and Locations in DelegationsIn EmpowerID, access is never assigned to just a business role or a business location. All organizational assignments must have both a role and a location assignment. Leveraging inheritance you can essentially create a one-sided assignment by specifying a granular target on one of the trees and a broadly inherited assignment on the other tree.
| Easy html macro |
---|
theme | {"label":"solarized_dark","value":"solarized_dark"} |
---|
contentByMode | {"html":"<article>\r\n <div class=\"cont\">\r\n <h3>EmpowerID's Solution to Role Explosion</h3>\r\n </div>\r\n <audio controls>\r\n <source src=\"https://docs.empowerid.com/assets/audio/BusinessRoleAndLocationStructure.wav\" type=\"audio/wav\">\r\n</audio>\r\n \r\n</article>\r\n","javascript":"","css":"@import 'https://fonts.googleapis.com/css?family=Lato';\r\n\r\n\r\nbody {\r\n\t\r\n\tfont-family: 'Lato';\r\n}\r\n\r\narticle{\r\n\tbackground: #343436;\r\n\twidth: 80%;\r\n\ttext-align: center;\r\n\tpadding: 30px 5%;\r\n\tbox-sizing: border-box;\r\n\tbox-shadow: 0 0 21px 0px rgba(0,0,0,0.3);\r\n\tborder-radius: 10px;\r\n\tmargin-left: 40px;\r\n}\r\n\r\n.cont h3{\r\n\tfont-family: 'Lato';\r\n\tfont-size: 22px;\r\n\tmargin: 0 0 10px 0;\r\n\tcolor: #ccc;\r\n}\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n}"} |
---|
| |
|