Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Protection in operating systems
Communications of the ACM
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
PBDM: a flexible delegation model in RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Role-Based Access Control
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
A fine-grained, controllable, user-to-user delegation method in RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Extended privilege inheritance in RBAC
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
A Critique of the ANSI Standard on Role-Based Access Control
IEEE Security and Privacy
| Hi-index | 0.00 |
Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on earlier work where we defined administrative policies for a general class of RBAC models. We present a formal definition of administrative refinement and we show that there is an ordering for administrative privileges which yields administrative refinements of policies. We argue (by giving an example) that this privilege ordering can be very useful in practice, and we prove that the privilege ordering is tractable.