Authorisation and Access Levels Explained

Common access levels include:

• Read-only access
• Edit or write access
• Administrative access

Access levels allow systems to separate responsibilities safely.

Role-Based Access Control

Most systems use role-based access control (RBAC).

With RBAC:

• Permissions are assigned to roles
• Users are assigned roles
• Access is managed centrally

For example:

• Students can view their own records
• Teachers can update grades
• Administrators can manage the system

RBAC simplifies security management and reduces errors.

Principle of Least Privilege

A key IB security principle is the principle of least privilege.

This principle states that:

• Users should have only the permissions they need
• Extra permissions increase risk

For example:

• A user who only views data should not be able to delete it

Limiting access reduces:

• Accidental damage
• Impact of compromised accounts

Authorisation and Data Integrity

Authorisation protects data integrity by:

• Preventing unauthorised changes
• Restricting sensitive operations
• Ensuring accountability

If only trusted users can modify data:

• Errors are less likely
• Changes can be audited

This is especially important in:

• School databases
• Banking systems
• Healthcare records

Authorisation vs Authentication

A clear IB distinction is:

• Authentication confirms identity
• Authorisation controls permissions

A user may be:

• Authenticated correctly
• But authorised only for limited actions

Confusing these terms often leads to lost marks.

Real-World Examples

Examples of authorisation include:

• Students viewing but not editing grades
• Employees accessing only their department’s data
• Admin users managing system settings

These examples help justify access levels in IB exam answers.

Common Student Mistakes

Students often:

• Use authentication and authorisation interchangeably
• Ignore access levels
• Forget least privilege
• Give vague explanations

Clear definitions and examples score higher.

How This Appears in IB Exams

IB questions may ask students to:

• Define authorisation
• Explain access levels
• Apply roles to a scenario
• Justify permission restrictions

Justification is more important than memorisation.

Final Thoughts

Authorisation controls what authenticated users are allowed to do by assigning access levels and permissions. By limiting actions and enforcing least privilege, systems protect data, privacy, and integrity.

Understanding authorisation and access levels allows IB Computer Science students to explain secure system design clearly and confidently — exactly what examiners expect.

Learn the differences between HDDs, SSDs, and NAS for IB Computer Science, including performance, cost, and use cases.