The Access Control Layer of Segura operates based on roles or permission functions. Within these, various roles are available that allow for better access management and functions adjusted for different user profiles. Assigning a role to a user in Segura means that they have been validated to access certain modules and perform specific actions within the system, according to the assigned role.
A role within Segura can enable the user to:
- Access specific modules.
- Perform actions within these modules.
- List available resources in the module.
- View details of any record in the module.
Consider, for example, a user who can view all credentials and devices within Segura, but doesn’t have permission to add new ones or delete existing ones. It’s essential to properly designate permissions to avoid the risk of excessive privileges.
Due to the diversity and complexity of operations, which may be specific to different profiles, Segura offers a list of 30 predefined roles. These roles are modeled to adhere to the principle of least privilege, ensuring that each function contains only the permissions that correspond to its responsibilities.
Below you can observe how these roles can relate to each other and how they apply to Segura and its users.
Each role is named as a position or responsibility that a person has. By assigning permissions to the role, and later assigning these roles to a user, Segura enables the administrator to manage operations in a much more practical way using only the 30 roles provided in its standard installation.
