SNHU Role Based Access Control Matrix Worksheet
Question Description
Overview

In this exercise, you will develop a role-based access control (RBAC) matrix for user access control. RBAC matrices, as a security architecture concept, are a way of representing access control strategies visually. They help the practitioner ensure that the access control strategy aligns with the specific access control objectives. Matrices also help show when access controls may conflict with job roles and responsibilities.

When you are completing this type of task, there are a few questions you should always be thinking about:
- Who gets to log into the system?
- Who gets to view what?
- What kind of data are you dealing with (basic data vs. information subject to privacy controls)?
- Who gets to add or delete? Who is view-only?
- Who should not have permission?

An example of an RBAC matrix can be found in Fundamentals of Information Systems Security, Chapter 5 (Role-Based Access Control section), linked in the Module Four Reading and Resources section of your course.

Scenario

You are a security analyst for a healthcare firm assigned to create an RBAC matrix for a new software-as-a-service (SaaS) application for managing patient medical files. There are six individuals who have roles within the system and need varying levels of access to the medical patient software. Your objectives are to set up the RBAC matrix to:
- Ensure individuals have access to necessary information for their job role
- Maintain patient privacy by adhering to the Fundamental Security Design Principle of least privilege (i.e., business need-to-know)

The following SaaS application parameters need to be determined:
1. Access to patient information
2. Access to employee information
3. Access to the SaaS
4. Access to backup logs

See the User Job Roles and Characteristics table below for information on the users, their roles in the organization, and their job descriptions.
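The following is an added example, not part of the original worksheet: it stores an RBAC matrix over the four parameters listed above and checks it against each role's business need-to-know, flagging grants that exceed it (a least-privilege violation) or fall short of it (a conflict with the job role). The role names, the none/view/edit access levels and every grant are hypothetical sample data, not the assignment's User Job Roles and Characteristics table.

```python
# Added example: role names, access levels and grants are hypothetical.
RESOURCES = ["patient_info", "employee_info", "saas", "backup_logs"]
LEVELS = {"none": 0, "view": 1, "edit": 2}  # "edit" = may add or delete

# Business need-to-know per role (constructed sample data).
NEED = {
    "physician":    {"patient_info": "edit", "saas": "view"},
    "receptionist": {"patient_info": "view", "saas": "view"},
    "hr_manager":   {"employee_info": "edit", "saas": "view"},
    "it_admin":     {"saas": "edit", "backup_logs": "edit"},
}

# What a draft matrix actually grants (constructed, with deliberate mistakes).
GRANTED = {
    "physician":    {"patient_info": "edit", "saas": "view"},
    "receptionist": {"patient_info": "edit", "saas": "view"},
    "hr_manager":   {"employee_info": "edit", "saas": "view"},
    "it_admin":     {"patient_info": "view", "saas": "edit"},
}

def level(table, role, resource):
    """Access level for a role/resource pair; anything unlisted is 'none'."""
    return table.get(role, {}).get(resource, "none")

def audit(need, granted):
    """Compare grants with need; return (role, resource, problem, granted, needed)."""
    findings = []
    for role in sorted(set(need) | set(granted)):
        for res in RESOURCES:
            have, want = level(granted, role, res), level(need, role, res)
            if LEVELS[have] > LEVELS[want]:
                findings.append((role, res, "excess", have, want))
            elif LEVELS[have] < LEVELS[want]:
                findings.append((role, res, "shortfall", have, want))
    return findings

def render(table):
    """Return the matrix as text: one row per role, one column per resource."""
    rows = ["role".ljust(14) + "".join(r.ljust(15) for r in RESOURCES)]
    for role in sorted(table):
        cells = "".join(level(table, role, r).ljust(15) for r in RESOURCES)
        rows.append(role.ljust(14) + cells)
    return "\n".join(rows)

if __name__ == "__main__":
    print(render(GRANTED))
    for finding in audit(NEED, GRANTED):
        print("%s on %s: %s (granted %s, needs %s)" % finding)
```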