process management enterprise architecture ea blog posts

Enrich RBAC and ABAC with ProBAC, #infosec #security #BPM

1 The problem For the stable functioning of an enterprise, it is mandatory to define up-front WHO (person, system, role) can DO SOMETHING (e.g. read, update, delete) with WHAT (tangible or intangible asset or resource), WHEN (at a particular moment of time), WHERE (from which tool, environment), WHY (justification) and HOW to impose this. There are two popular techniques: Role-Based