User permissions refer to specific rights and privileges assigned to various roles, which, in turn, are assigned to specific users. In some cases, permissions may be applied to entire groups with access to a software system, such as all employees working at a specific location. Permissions determine what level of access individuals or groups are given as well as what actions or operations they are authorized to perform. User permissions are considered a foundational aspect of system security ensuring only those with a compelling need are able to access sensitive data.
Some of the most common types of user permissions include:
Read only: This permission enables a person to view/read a particular digital asset but not modify it or change it in any way.
Write: A user who has write permission related to certain digital assets is able to make changes to them such as editing an existing file, or performing updates to a database.
Execute: A person with execute permission is allowed to access a script or executable file and run the resource if they wish.
Create/delete: People with create permission are allowed to create new documents or other resources. An example would be someone using a cloud based service like Google Docs. Such users are also often given delete permission as well, although on occasion the two permissions are assigned separately.
Modify: Modify means just that. The user is able to access certain files and modify them. That is, they can add-to or delete portions of a document or record as they see fit.
Admin: The admin usually has full access to all parts of the system and is able to exercise control over others, redefine roles, add or otherwise change permissions and ban users for violations.
User permissions can be created, managed and modified at a variety of levels including the individual user level, the group level and levels based on assigned roles. Role-based access control (RBAC) is a widely used approach whereby permissions are assigned to roles and roles assigned to users. This type of system greatly simplifies access control while bolstering security.
Book a free Policy Workshop to discuss your requirements and get your first policy written by the Cerbos team