Role-based access control (RBAC) is a policy-neutral access-control mechanism defined around roles and privileges. The components of RBAC such as role-permissions, user-role and role-role relationships make it simple to perform user assignments. A study by NIST has demonstrated that RBAC addresses many needs of commercial and government organizations.[4] RBAC can be used to facilitate administration of security in large organizations with hundreds of users and thousands of permissions. Although RBAC is different from MAC and DAC access control frameworks, it can enforce these policies without any complication.
RBAC for ODALA uses fairly simple and flexible scheme. It combined the Role definitions of Keyrock and the Url and Sub URL settings of Umbrella to createa a cohesive access control system.
This is basic model which can be expanded later by adding more components to create more complex rules.
Contrasec welcomes ideas and contributions to use and further develop the access control further.