OpenRBAC is an open source implementation of the ANSI standard RBAC. It uses OpenLDAP as backend for storing information on user, roles, resources, priviledges, etc. This has a number of advantages and only very few limitations. Access decisions can be retrieved by simple ldap searches so that a OpenRBAC based Policy Decison Point can answer ten thousands of such queries per seconds. Since two other RBAC software products use LDAP, currently work is being done on an IETF Internet Draft to standardize the LDAP schema and a specific LDAP extended operation for interoparable implementations. The talk will introduce
RBAC, OpenRBAC and report on the LDAP standardisation work.