Role-Based Access Control (RBAC) is a framework designed to allow organizations to more efficiently manage permissions across applications and other protected IT resources.
The EmpowerID RBAC model is one that reflects the Resource-Based Access Control paradigm; the platform is resource-centric, not role-centric. This allows organizations to focus on what they are protecting.
Three central identities in EmpowerID role management system are as below:
Core Identity: Core identity is top level identity that represents a human being. One core identity can be linked to multiple person identity (or persona) that may have separate access. These all personas are the same person (core identity).
Person: Person object(persona) is a separate identity in EmpowerID using which RBAC assignments are made to connected system accounts, managed resource objects and delegated operations.
Account: Accounts are technology-based identities associated with external systems such as active directory, LDAP, HR, CRM or cloud-based applications identities.
Key Objects of the EmpowerID RBAC Model