Adding Role Based Access Control onto a Unix Storage Platform

The traditional Unix authorization model defines an all powerful root user who can perform any system task, modify any file, and change any system configuration. This simple model produces several fundamental problems for a storage platform. The root user, whether maliciously or accidentally, can cause catastrophic data loss. They can also view and undetectably modify the contents of any file and thus need to be an extremely trusted individual. Solving these problems requires partitioning the traditional root administrative rights among many different users and limiting within the file system the ability of any one user to view and modify all files. This can be accomplished with Role Based Access Control.

Learning Objectives

The fundamental problems of the Unix root/other authorization model.
The generally accepted abstract model of Role Based Access Control.
Comparison between RBAC and traditional file system authorization like ACLs
How administrative actions are partitioned in Isilon OneFS using RBAC.
Difficulties overlaying a new RBAC authorization system onto the existing Unix process and file system authorization model.