Role based access control architectural design issues in large organizations

Large scale systems are focused at providing rapid and secure connections between system entities and users. The basic purpose of development of such systems is increasing integrity between members, staff and other departments. As different system users access the system on different levels of access according to their defined roles in organizations and institutes, a mechanism for controlling and monitoring access levels of these users becomes a vital element of such systems as features such as these, are vital to concerned organizations which need to evaluate their risk exposure ensuing from IT system access provided to employees. It is required that a proper architecture for such genre of systems is defined so that a fast, reliable, efficient and secure system environment can be provided. Role-based access control (RBAC) presents a popular model for I.T security and access control that aids in reducing the complexity of safety measures and their administration. Plenty of work has already been done in RBAC for enhancing and simplifying security and reliability. This paper aims in defining the architecture using RBAC and attributes for organizations with emphasis on segregation of duties, load sharing of administrative tasks and controlling IT system access.