About role-based access control
Role-based access control uses identities with various attributes to automatically manage access control. Defining provisioning policies ensures that people in your organization always have up-to-date access permission levels. If an employee changes job title, department, or moves to a different site, the system automatically adjusts their access when their identity attributes are changed.
- Grant or revoke access based on employees locations.
- Grant or revoke access based on specific roles or job titles in the organization, or who they report to.
- Grant access to a zone only if people have specific training or certifications.
- Grant or revoke access based on a list of custom attributes synchronized from an external source.
What is an identity?
- An identity is a person who has a permanent badge assigned to them.
- A visitor is a person who has a paper badge or a temporary badge credential assigned to them.
- A contractor can be either an identity or a visitor. When a contractor is defined as a visitor, they receive a one-day HID card entered as a visitor in ClearID.
Identity attributes
In Genetec ClearID™, attributes are the traits or characteristics that make up an identity. Examples of attributes include department, location, role, seniority, pay grade, training certifications, and security clearance.
Role based access control relies on policies (provisioning rules) that automatically assign rights to identities (people) based on attributes (traits or characteristics).
In Genetec ClearID™, a role manager is an identity that has authority over who is assigned to a role. A role manager can add people to and remove people from a role. They are also responsible for role access review approvals.
The life cycle of an identity
In ClearID, the entire life cycle of an identity can be automatically managed.