Get Your Data Security Role-ing

Don Miller

Just about everyone is familiar with certain elements of an access control system relating to personnel and vehicles.  Anyone who works in an office setting or enters a secure building has to deal with mechanical devices or electronic systems that facilitate “authentication” to enter a protected space, such as an ID card or key fob that is kept on the user’s person, or using a personal identification number (PIN), or code, that must be keyed in for access.  The basic objective of such an access control system is to permit entry/exit of authorized persons and deny entry/exit of unauthorized persons, and to maintain records of the access control system activity, user permissions, and facility configuration changes.

TDXchange Product Box

The same type of access control is available for network and software systems.  According to NIST, “[r]ole based access control (RBAC) (also called “role-based security”) … has become the predominant model for advanced access control” because it reduces the cost of managing large networks and data flows.  NIST succinctly summarizes the RBAC process:  “Each user is assigned one or more roles, and each role is assigned one or more privileges that are permitted to users in that role.”

bTrade has an enterprise-level managed file transfer software solution, TDXchange, that employs RBAC to limit system access to authorized users.  Six user roles have been created, each of which has a predefined collection of read/edit privileges that can be assigned to users based on their job.  In addition to the ability to limit access to specific areas, a user’s scope can be restricted to a specific part of the organizational hierarchy.

There is one pre-defined user role in TDXchange, called System Admin, and there can be multiple persons assigned to the System Admin role.  Each System Admin has all the permissions and rights to create customized roles for different users.  In addition, each System Admin has visibility, via dashboards and alerts/notifications, into system activity, user permissions, and system configuration changes.

If you are interested in discussing role-based access control in connection with your managed file transfer activity, or want to learn more about bTrade’s TDXchange software solution, please contact us at