Role-based access control (RBAC) is a method of restricting access to resources based on the roles of individual users within an organization. RBAC assigns permissions and responsibilities to roles, rather than to individual users, and then assigns users to those roles. This way, users can only perform the actions that are relevant and necessary for their role, and not access or modify any other resources that are beyond their scope of authority. RBAC is one of the security countermeasures that can be implemented in a defense-in-depth strategy, which is a layered approach to protect industrial automation and control systems (IACS) from cyber threats. RBAC can help prevent unauthorized access, misuse, or sabotage of IACS resources, as well as reduce the risk of human error or insider attacks.
[References:, ISA/IEC 62443-3-3:2013, Security for industrial automation and control systems - Part 3-3: System security requirements and security levels, Clause 5.3.2.11, ISA/IEC 62443-2-1:2010, Security for industrial automation and control systems - Part 2-1: Establishing an industrial automation and control systems security program, Clause 6.2.2.32, ISA/IEC 62443-4-1:2018, Security for industrial automation and control systems - Part 4-1: Product security development life-cycle requirements, Clause 5.2.3.23, ISA/IEC 62443-4-2:2019, Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components, Clause 4.2.3.24, ]
Submit