Purpose: This document provides an overview of roles and how they are used within the security system.
Roles Overview
In role-based security, permissions are associated with roles. Users are then made members of roles, thereby acquiring the associated permissions. The purpose of the role is to group like tasks such as nurses, doctors, or insurance clerks together, thereby helping manage users and control access to application functions.
The assignment of a permission to a role is a simple binary function: permissions are checked to assign access and are unchecked to deny access. Furthermore, a role can be controlled at a more granular level with actions, auditing, and its restrictions of use.