Role-Based Access Control (RBAC) Quiz


36 Questions

What is a BYTE?

A combination of BITS representing a CHARACTER

What does a KEY FIELD do?

Uniquely identifies a RECORD for retrieval, updating, and sorting

What is the purpose of access control?

To ensure all direct accesses to objects are authorized

What is the definition of a DATABASE?

An organization’s electronic library of FILES organized to serve business applications

What does a FIELD represent?

A collection of BYTES representing a DATUM or Fact

What is the purpose of Information flow control?

To regulate what users can do with the accessed data

In SQL, what command is used for canceling privileges?

REVOKE command

How can a DBA give specific privileges to a user in SQL?

By issuing a GRANT command

What is the purpose of creating views in SQL for managing privileges?

To limit the capabilities of a user and grant with the ability to propagate the privilege

What does Role-Based Access Control (RBAC) in SQL associate permissions with?

Roles

What is involved in Mandatory Access Control (MAC) in database security?

Security labels, objects, subjects, and dominance

What can be targeted when granting UPDATE or INSERT privileges in SQL?

Specific attributes

What does RBAC stand for?

Role-Based Access Control

What is the main advantage of RBAC over DAC and MAC models?

Simplifies administration by reducing the number of relationships to manage

What are the components of the RBAC framework?

Core RBAC, Hierarchical RBAC, Static Separation of Duty Relations, and Dynamic Separation of Duty Relations

What are the objects in RBAC that can be subject to access control?

Files, printers, terminals, and database records

What is the primary principle on which RBAC is engineered?

Least privilege

Which of the following is an extension of RBAC models?

ARBAC, CBRAC, dRBAC, ERBAC, fRBAC, GRBAC, HRBAC, IRBAC, JRBAC, LRBAC, MRBAC, PRBAC, QRBAC, RRBAC, SRBAC, TRBAC, V, W, and x

In RBAC, what does the notation r1 r2 signify?

User inheritance

What are the static relations defined in RBAC?

Permission Assignment and User Assignment

What does RBAC2 include in addition to RBAC0?

Constraints

What do limited hierarchies represent in RBAC?

Organizational structures

What is the purpose of role hierarchy in RBAC?

Defining user membership and privilege inheritance

What are the semantics of role hierarchies in RBAC?

Permission inheritance

What is the primary function of a subject in the context of database security?

Requesting access to an object

What is the main challenge associated with Discretionary Access Control (DAC)?

Propagation of access rights

What is a potential issue with using Stored Procedures for access control?

Programs may access unauthorized resources

What is the primary role of an Access Control List (ACL) in database security?

Specifying access rights for users or subjects

What is the purpose of the Capability List in the context of database security?

Specifying the access rights of subjects to objects

What is the main responsibility of the owner of a relation in database security?

Granting and revoking privileges on the relation

What is the purpose of Discretionary Access Control (DAC) in database security?

Defining access rights for each subject to objects, and can be granted and revoked

What is the main advantage of Role-Based Access Control (RBAC) over Discretionary Access Control (DAC)?

Enabling management of access rights based on roles rather than individual subjects

How can Access Control Lists (ACL) contribute to the implementation of Discretionary Access Control (DAC)?

By specifying the access rights of each subject for specific objects

What is the purpose of security through views in database access control?

Assigning rights to access predefined views, which can be difficult to maintain

What is the primary purpose of stored procedures in database security?

Assigning rights to execute compiled programs, which may access unauthorized resources

What is the primary purpose of grant and revoke operations in database security?

Allowing granting and revoking of privileges at different levels, such as account level and relation level

Study Notes

Role-Based Access Control (RBAC) Overview

  • RBAC is a natural way of managing access control based on roles, job functions, and permissions within organizations.
  • It addresses key security requirements of Web-based applications, offering a desirable solution compared to DAC and MAC models.
  • RBAC assigns access to objects based on user roles, defined by job functions, and associated permissions.
  • It simplifies administration by reducing the number of relationships to manage and makes revocation/change of permissions easier.
  • RBAC is used in database management systems, security management, network operating systems, and is an official standard since 2004.
  • RBAC includes components such as core RBAC, hierarchical RBAC, Static Separation of Duty (SSD) relations, and Dynamic Separation of Duty (DSD) relations.
  • Objects in RBAC can be any system resource subject to access control, such as files, printers, terminals, and database records.
  • Roles in RBAC are job functions within an organization with associated authority and responsibility conferred on the user assigned to the role.
  • RBAC framework components include Core RBAC, Hierarchical RBAC, Static Separation of Duty Relations, and Dynamic Separation of Duty Relations.
  • Role hierarchy, role activation, and temporal constraints are important considerations in RBAC systems.
  • RBAC models include various extensions such as ARBAC, CBRAC, dRBAC, ERBAC, fRBAC, GRBAC, HRBAC, IRBAC, JRBAC, LRBAC, MRBAC, PRBAC, QRBAC, RRBAC, SRBAC, TRBAC, V, W, and x.
  • RBAC is engineered based on the principle of least privilege, assigning users to roles, permissions to roles, and organizing roles into a hierarchy.

Database Security and Access Control

  • Access control involves subjects (active entities) requesting access to objects (passive entities).
  • Access rights define how a subject is allowed to access an object, such as read or write privileges.
  • Access control can be enforced at different levels of granularity: relation-level, tuple-level, attribute-level, and cell-level.
  • Access control policies include Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC).
  • DAC defines access rights for each subject to objects; these rights can be granted and revoked.
  • DAC can be implemented through Access Control Lists (ACL) or Capability Lists.
  • Access control mechanisms include security through views, stored procedures, and grant and revoke operations.
  • Security through views assigns rights to access predefined views, which can be difficult to maintain.
  • Stored procedures assign rights to execute compiled programs, which may access unauthorized resources.
  • Grant and revoke operations allow privileges to be granted and revoked at different levels, such as account level and relation level.
  • Discretionary privileges exist at the account level and the relation level, with specific privileges such as CREATE, MODIFY, and SELECT.
  • Privileges at the relation level can be granted, revoked, and controlled by the owner account holder.

Test your knowledge of Role-Based Access Control (RBAC) with this quiz. Explore the key principles, components, and applications of RBAC, as well as its role in managing access control within organizations.
