Overview LUM
LUM (Local User Manager): The local user database used to provide the AAA local authentication.
RBAC (Role Based Access Control): By establishing the association of "Authority <-> Role", assign the authority to the role, and by establishing the association of "Role <-> User", specify the role for the user, so that the user can get the authority of the corresponding role. The basic idea of RBAC is to specify roles for users. These roles define which system functions and resource objects the users are allowed to operate.
Because of the separation of the authority and the user, RBAC has the following advantages:
- The administrator does not need to specify authorities one by one for users, they just need to define the roles with corresponding authorities in advance, and then assign the roles to users. Therefore, RBAC can better adapt to the changes of users and improve the flexibility of user authority allocation.
- Because the relationship between roles and users often changes, but the relationship between roles and authorities is relatively stable, so using this stable association can reduce the complexity of user authorization management and management cost.
Role: The set of rules
Rule: The permit/deny authority of the commands of the specified features or all features
Feature: Module