Cyber Work: The dangers of Role-Based Access Control (RBAC)

Introduction

In this episode of Infosec’s Cyber Work podcast, host Chris Sienko chats with Balaji Parimi, founder and CEO of CloudKnox Security. They discuss current problems with Role-Based Access Control and how access control is moving toward a more secure future. For those looking for an explanation of both where RBAC has been and where it’s going, this podcast is for you. 

When did you first get interested in computers and security?

When Balaji was earning his undergraduate degree in engineering in India in 1992, he fell in love with Fortran, a programming language. He carried this passion for Fortran with him as he earned two graduate degrees, in computer science and software engineering, at Bradley and San Jose State respectively. This led him to fall in love with computers and security.

What does CloudKnox offer its clients and what is its role in the cybersecurity landscape?

CloudKnox is a hypercloud security platform focused on protecting the hypercloud. The biggest problem today with cloud infrastructure is that there are a thousand knobs in one place, along with the human element necessary to control every part of the infrastructure.

We have been using 30-year-old RBAC concepts that create static rules based on assumptions, where admin privilege controls all. The risk with this is that you may need only 100 privileges yet have access to 30,000 of them. The purpose of CloudKnox was to provide a platform that makes it easy to make data-driven decisions.

What is Role-Based Access Control? How does it work and how is it meant to be used to protect your network?

RBAC really just means a system of assigning privileges. With a network or any system, you have to assign privileges to potentially thousands of users. RBAC is intended to be used with organizations that have (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/pmiYFnZaxHs/