Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
PBDM: a flexible delegation model in RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Role-Based Access Control
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
A fine-grained, controllable, user-to-user delegation method in RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Extended privilege inheritance in RBAC
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
A Critique of the ANSI Standard on Role-Based Access Control
IEEE Security and Privacy
Delegation in role-based access control
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Modular context-aware access control for medical sensor networks
Proceedings of the 15th ACM symposium on Access control models and technologies
RBAC-based access control integration framework for legacy system
WISM'10 Proceedings of the 2010 international conference on Web information systems and mining
RAR: A role-and-risk based flexible framework for secure collaboration
Future Generation Computer Systems
Analyzing temporal role based access control models
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
| Hi-index | 0.00 |
Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and efficient adminstration of the access control system. Despite being one of the most widely used access control standards, RBAC does not include an administration model for distributed systems. In this paper we fill this gap. We present a model for the administration of RBAC in a distributed system and propose an administration procedure supporting the principle that different systems protect different sets of objects. We demonstrate that our procedure fulfills the formal requirements deriving from safety and availability, and we show how it can be translated to a practical implementation. Finally, we show how our model can be extended with multiple decentralized administrative systems.