Role-Based Access Control Models
Computer
RBAC emulation on trusted DG/UX
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role based access control with the security administration manager (SAM)
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
hyperDRIVE: leveraging LDAP to implement RBAC on the Web
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC support in object-oriented role databases
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role-based access control in ORACLE7 and Trusted ORACLE7
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
NetWare 4 as an example of role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Implementing role-based access control using object technology
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Managing role/permission relationships using object access types
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Role-based access control in Java
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Role-based access control on the Web using Java
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based access control in DCOM
Journal of Systems Architecture: the EUROMICRO Journal
Decentralized user group assignment in Windows NT
Journal of Systems and Software
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
ACM SIGAda Ada Letters
Inside Com+: Base Services with Cdrom
Inside Com+: Base Services with Cdrom
Access Control and Session Management in the HTTP Environment
IEEE Internet Computing
SEC '02 Proceedings of the IFIP TC11 17th International Conference on Information Security: Visions and Perspectives
A Formal Analysis of the CORBA Security Service
ZB '02 Proceedings of the 2nd International Conference of B and Z Users on Formal Specification and Development in Z and B
Role-Based Access Control for CORBA Distributed Object Systems
WORDS '02 Proceedings of the The Seventh IEEE International Workshop on Object-Oriented Real-Time Dependable Systems (WORDS 2002)
Application of Role-Based Access Control for Web Environment
UMC '08 Proceedings of the 2008 International Symposium on Ubiquitous Multimedia Computing
Hi-index | 0.00 |
We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. Using this configuration, we suggest an algorithm that formally specifies the semantics of authorization decisions in COM+. We analyze the level of support for the American National Standard Institute's (ANSI) specification of role-based access control (RBAC) components and functional specification in COM+. Our results indicate that COM+ falls short of supporting even Core RBAC. The main limitations exist due to the tight integration of the COM+ architecture with the underlying operating system, which prevents support for session management and role activation, as specified in ANSI RBAC.