RBAC model

An RBAC model provides the user with authorization to access components in the system. It is based on which roles that user has.

These Roles are the combination of atomic Privileges: one Privilege that applies to one component. The figure here represents the RBAC model.
Note: Authorization is what a User can accomplish on a system. Authentication is how a User is granted access to a system.
Figure 1. RBAC model
According to the figure, these relationships exist between parts of the RBAC model:
  • Privileges can be assigned to multiple Roles.
  • A User can have multiple Roles.
  • A Group can have multiple Roles.
  • A role can be assigned to multiple Users or Groups.
  • Users can be in multiple Groups.
Note: See the Security section in the Manager Administration Guide for more information on assigning roles to a user or a group.