Saudi Electronic University Adopting Mandatory Access Control Discussion
You mentioned the following: “My employer uses role-based access control (RBAC) to regulate system resources using a security policy in the organization. RBAC controls access to system resources based on the role users have in the system and the rules that state what accesses are permitted to users with specific roles (Stallings & Brown, 2017). ” What would happen if your organization would adopt MAC as their default access control model? Is this viable?
