The NTree: a two dimension partial order for protection groups
ACM Transactions on Computer Systems (TOCS)
Recognizing Immediacy in an N-Tree Hierarchy and its Application to Protection Groups
IEEE Transactions on Software Engineering
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
On the design and administration of secure database transactions
ACM SIGSAC Review - Special issue on Issues '91: data management security and privacy standards
Operating System Structures to Support Security and Reliable Software
ACM Computing Surveys (CSUR)
A lattice model of secure information flow
Communications of the ACM
A Model of Authorization for Object-Oriented and Semantic Databases
EDBT '88 Proceedings of the International Conference on Extending Database Technology: Advances in Database Technology
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Role-based security, object oriented databases and separation of duty
ACM SIGMOD Record
A new approach to security system development
NSPW '94 Proceedings of the 1994 workshop on New security paradigms
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
Role-based information security: change management issues
ISICT '04 Proceedings of the 2004 international symposium on Information and communication technologies
Hi-index | 0.00 |
User role-based protection presents a flexible (hence adaptive) means for enforcing differing ranges of security policies. It can emulate both mandatory and discretionary access control modes of protection. Role-based protection enforces the principle of least privilege, hence minimizing the risk of Trojan horse attacks. This paper offers a glimpse into the strengths (and some weaknesses) of role-based protection, the structures for its enforcement and pointers to the direction for future research.