OM-BP-0016: Design a naming convention scheme for roles that assure unique, unambiguous names for each (Best Practice)
ID | OM-BP-0016 |
---|---|
Name | Design a naming convention scheme for roles that assure unique, unambiguous names for each |
Status | Active |
Version | |
Best Practice | Design a naming convention scheme for roles that assures a unique, unambiguous name for each. Ensure that the naming convention factors in the important dimensions of the organization, such as geographical regions, business units, legal entities, etc. Role names should be as self-explanatory as possible. Role names should be globally consistent with the naming convention to facilitate comparison and search. |
Rationale
Large organizations are complex. Multiple perspectives are necessary to analyze their structure, including geographical regions, business units, legal entities, etc. In the absence of a well-thought-out naming convention for roles, ambiguities will blur people’s understanding of roles, and confusion will be inevitable. In addition to worsening the user experience, such ambiguity and confusion constitute a security risk.
Bad Practices
Not defining a formal naming convention for roles
Not assuring unique names for roles
Implementation Details
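One way to enforce such a convention mechanically, shown as an added example that is not part of the original wiki page: a linter that checks each role name against a naming pattern and flags names that collide once case and separators are folded. The REGION-ENTITY-UNIT-FUNCTION pattern, the allowed dimension values and the sample role names are all constructed assumptions.

```python
import re
import unicodedata
from collections import defaultdict

# Assumed convention (not from the page): REGION-ENTITY-UNIT-FUNCTION
ALLOWED = {
    "region": {"EMEA", "APAC", "AMER", "GLOBAL"},
    "entity": {"ACMEGMBH", "ACMEINC"},
    "unit": {"FIN", "HR", "IT"},
}
PATTERN = re.compile(
    r"(?P<region>[A-Z]+)-(?P<entity>[A-Z0-9]+)-(?P<unit>[A-Z]+)-(?P<function>[A-Z][A-Z0-9_]*)"
)

def canonical(name):
    """Fold Unicode forms, case and separators so look-alike names collide."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return re.sub(r"[\s_\-.]+", "", folded)

def lint_roles(names):
    """Return (role name, problem) pairs for convention and uniqueness violations."""
    findings = []
    seen = defaultdict(list)
    for name in names:
        seen[canonical(name)].append(name)
        m = PATTERN.fullmatch(name)
        if not m:
            findings.append((name, "does not match REGION-ENTITY-UNIT-FUNCTION"))
            continue
        for dim, allowed in ALLOWED.items():
            if m[dim] not in allowed:
                findings.append((name, f"unknown {dim} '{m[dim]}'"))
    for group in seen.values():
        if len(group) > 1:
            findings.append((" / ".join(group), "not unique after normalization"))
    return findings

# Constructed sample role catalogue
ROLES = [
    "EMEA-ACMEGMBH-FIN-AP_CLERK",
    "EMEA-ACMEGMBH-FIN-APCLERK",    # differs from the previous name only by "_"
    "AMER-ACMEINC-HR-MANAGER",
    "Manager",                      # no organizational dimensions at all
    "APAC-ACMEINC-OPS-PROGRAMMER",  # business unit not in the allowed list
]

if __name__ == "__main__":
    for role, problem in lint_roles(ROLES):
        print(f"{role}: {problem}")
```

Running a check like this whenever a role is created or renamed keeps near-duplicate names out of the role catalogue before they reach access reviews.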
Quotes
Roles are, of course, the main focus of RBAC models. A role should have a unique name. Usually, a role is designed to correspond to a job function in a company, e.g. clerk, manager, programmer, etc. It is also customary for roles to be arranged in a role hierarchy [4] or role graph [7]. In the ANSI standard, the model called Core RBAC does not include role hierarchies.
Bibliography
Related Best Practices
N/A
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.