Towards an integrated approach to role engineering
Proceedings of the 3rd ACM workshop on Assurable and usable security configuration
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Modeling process-related RBAC models with extended UML activity models
Information and Software Technology
Deriving role engineering artifacts from business processes and scenario models
Proceedings of the 16th ACM symposium on Access control models and technologies
An integrated approach for identity and access management in a SOA context
Proceedings of the 16th ACM symposium on Access control models and technologies
Role approach in access control development with the usage control concept
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Engineering access control policies for provenance-aware systems
Proceedings of the third ACM conference on Data and application security and privacy
Evolving role definitions through permission invocation patterns
Proceedings of the 18th ACM symposium on Access control models and technologies
Supporting entailment constraints in the context of collaborative web applications
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Generic support for RBAC break-glass policies in process-aware information systems
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Secure federation of semantic information services
Decision Support Systems
ICWE'13 Proceedings of the 13th international conference on Web Engineering
Enforcement of entailment constraints in distributed service-based business processes
Information and Software Technology
Modelling context-aware RBAC models for mobile business processes
International Journal of Wireless and Mobile Computing
| Hi-index | 0.00 |
Access control deals with eliciting, specifying, enforcing, and maintaining access control policies in software-based systems. Recently, role-based access control (RBAC)—together with various extensions—has developed into a de facto standard for access control. Scenario-driven role engineering is a systematic approach for defining customized RBAC models, including roles, permissions, constraints, and role hierarchies. Since its first publication in 2002, the author gained considerable experience with scenario-driven role engineering, and several consulting firms and international projects have adopted the approach. Based on these experiences, the author enhanced the approach and now has a much deeper understanding of the relations between different role-engineering artifacts, the need for process tailoring, and the use of preexisting documents in role-engineering activities.