ABSTRACT
Modern applications usually have rolebased access-control mechanisms built in. Role-based access control (RBAC) is an effective access-control mechanism that works on the principle of least privilege. The access control is driven through user roles, for instance, when a data entry operator is automatically provided access only to raise transaction entries in the system and does not have access to reporting and administration functions.
