What is ReBAC? (Relationship-Based Access Control)
Relationship-Based Access Control (ReBAC) is an authorization model that determines access based on user-resource relationships, offering a more dynamic approach compared to RBAC and ABAC. ReBAC adapts to changes in these relationships, making it ideal for applications where connections significantly impact permissions. It uses graph data structures to manage entities as nodes and relationships as edges. The benefits of using ReBAC include flexibility, handling complex relationships, aligning with organizational workflows, and enhanced security. However, limitations include complexity in policy management, limited visibility, and performance concerns. ReBAC is best suited for applications focused on collaboration or social networks where access often flows through connections between users.
Company
WorkOS
Date published
May 10, 2024
Author(s)
Word count
1566
Hacker News points
None found.
Language
English