Question
Let us assume you need to implement RBAC for a Bank and consider the following statements as part of business requirements. - The bank will
Let us assume you need to implement RBAC for a Bank and consider the following statements as part of business requirements. - The bank will have a teller who can (i) withdraw cash, (ii) deposit check from a customers bank account - There will be bank manager who can (i) issue new account (ii) withhold an existing account (iii) close an account of a customer. - A manager can assume the role of a teller and vice versa - The bank has three employees {Alice, Bob, Charlie}, and Alice being a network admin should never assume the role of either teller or manager. - An admin cannot alter customer information without managers approval, but can view information anytime.
a) Identify (i) set of roles, (ii) duties, (iii) subjects.
Roles: { }
Duties: { }
Subject: { }
b) Show a mapping of each subject and their possible valid roles that can be assumed:
Alice: { .}
Bob: { }
Charlie: { .}
c) Show a mapping of each role and corresponding valid duties that can be performed:
Teller: { }
Manager: { }
Admin: { }
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started