Welcome to Bucaro TecHelp!

Bucaro TecHelp
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds


Victims of Sandy Hook

Stop the Slaughter of Innocents. Congress is bought and paid for by gun lunatics and gun promotion groups. If you want to live in a safe America, help buy Congress back for America. Send a donation to Mayors Against Illegal Guns, 909 Third Avenue, 15th Floor New York, NY 10022

Difference Between Rule and Role Based Access Control

Access control is the method used to block or allow access to a network or network resources. Two types of access control are rule-based and role-based. These methods are used by firewalls, proxy servers, and routers. The difference between rule-based and role-based access control is described below.

Rule-Based Access Control (RuBAC)

With rule-based access control, when a request is made for access to a network or network resource, the controlling device, e.g. firewall, checks properties of the request against a set of rules. A rule might be to block an IP address, or a range of IP addresses. A rule might be to allow access to an IP address but block that IP address from use of a specific port, for example port 21 commonly used for FTP, or port 23 commonly used for Telnet. A rule might be to block a specific IP address, or block all IP addresses from accessing certain applications on the network, such as email or video steaming.

Role-Based Access Control (RoBAC)

With role-based access control, when a request is made for access to a network or network resource, the controlling device allows or blocks access to a network or network resource based on that user's role in the organization. For example, an individual with the engineer role in an organization might be allowed access to the specifications of parts used in the company's product, but blocked access to employee records. An individual with the supervisor role might be allowed access to employee records, but blocked access to engineering documents and specifications.

Rule and Role Based Acronyms

In this article I used the acronym RuBAC for rule-based access control and the acronym RoBAC for role-based access control, however in many references the acronym RBAC is used for rule-based access control, or RBAC is used for is used for both access control methods.

More Network Security Articles:
• Nessus Network Vulnerability Scanner
• Network Security Model - Defining an Enterprise Security Strategy
• What is Penetration Testing?
• Wireless Network Security
• Firewall Rules
• Designing Physical Network Security
• NMAP (Network Mapper) Port Scanner
• Wireless Network Security - The Basics of Securing a Wireless LAN
• The Basics of Network Security
• Domain Name System (DNS) Vulnerabilities

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2017 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268