Learn about combining Role-Based Access Control (RBAC) with Attribute-Based Access Control (ABAC) in this 32-minute technical talk that addresses common security implementation challenges. Explore how to overcome 'Role Explosion' and management complexities while maintaining system integrity through a standards-based approach. Examine practical demonstrations using Apache Fortress and LDAP data models to implement fine-grained access control in web applications. Follow along as an experienced security architect demonstrates how dynamic role constraints can effectively solve traditional RBAC limitations, providing a hybrid solution that leverages the strengths of both access control methodologies.
Attribute-Based Role-Based Access Control System - Implementing Fine-Grained Web Security
Overview
Syllabus
Towards an Attribute-Based Role-Based Access Control System
Taught by
The ASF
