Roles CSG Talk

The Roles Database
at the
Massachusetts Institute of Technology

Jim Repa

September 18, 1998

Additional information available at


  1. What does it do?
  2. Creating and disseminating authorizations
  3. Enforcing authorizations
  4. What is an authorization?
  5. Why have a qualifier?
  6. Why not have more than one qualifier per authorization?
  7. Qualifiers fit into hierarchies
  8. Creating and delegating authorizations
  9. Creating auths -- examples
  10. Where are we today?

What does it do?

Creating and disseminating authorizations

  1. Supporting information is fed nightly from data warehouse to Roles DB

  2. Front-end application is used to create "authorizations" in the Roles Database

  3. Authorization information is converted, and sent to various application

Enforcing authorizations

What is an authorization?

Authorization = Person + Function + Qualifier


Why have a qualifier?

Why not have more than one qualifier per authorization?

Qualifiers fit into hierarchies

Creating and delegating authorizations

Creating auths -- Examples

Where are we today?

Last modified by on October 2, 1998.