Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
A role-based access control model for protection domain derivation and management
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Injecting RBAC to secure a Web-based workflow system
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Security models for web-based applications
Communications of the ACM
Protection in operating systems
Communications of the ACM
Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace
Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace
Web Security, Privacy and Commerce
Web Security, Privacy and Commerce
PBDM: a flexible delegation model in RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
PRES: a practical flexible RBAC workflow system
ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Secure delegation for distributed object environments
COOTS'98 Proceedings of the 4th conference on USENIX Conference on Object-Oriented Technologies and Systems - Volume 4
An efficient access control based on role attributes in service oriented environments
Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
Using timed colored petri nets and CPN-tool to model and verify TRBAC security policies
VECoS'10 Proceedings of the Fourth international conference on Verification and Evaluation of Computer and Communication Systems
| Hi-index | 0.00 |
Web-based workflow systems have emerged in almost every business because they can support dynamic business processes over heterogeneous computing systems which is the requirement of a modern business. At the same time security and flexibility have become the two most important aspects in those systems. Role-based Access Control has been injected to Web-based workflow systems to control access (without hindering the process), which has greatly facilitated the access control management. However, a high-level user may want to delegate one of his permissions to a member. In this case, a flexible delegation would be required to achieve this functionality. In this research, we investigated the idea of delegation and developed a framework for injecting Permissionbased Delegation Model (PBDM(WEB)) to secure Web-based workflow systems. PBDM(WEB) supports Role-based Access Control, flexible permission-based delegation and ability-based delegation, interoperation among multi-domain systems and consistency of authorization.