Role-Based Access Control Models
Computer
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Protection in operating systems
Communications of the ACM
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Java Platform Performance: Strategies and Tactics
Java Platform Performance: Strategies and Tactics
Advanced Features for Enterprise-Wide Role-Based Access Control
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Role-Based Access Control
On permissions, inheritance and role hierarchies
Proceedings of the 10th ACM conference on Computer and communications security
CPOL: high-performance policy evaluation
Proceedings of the 12th ACM conference on Computer and communications security
Core role-based access control: efficient implementations by transformations
Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Statistically rigorous java performance evaluation
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
Authorization recycling in RBAC systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Permission Set Mining: Discovering Practical and Useful Roles
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
Producing wrong data without doing anything obviously wrong!
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Efficient access enforcement in distributed role-based access control (RBAC) deployments
Proceedings of the 14th ACM symposium on Access control models and technologies
Introduction to Algorithms, Third Edition
Introduction to Algorithms, Third Edition
A probabilistic approach to hybrid role mining
Proceedings of the 16th ACM conference on Computer and communications security
RoleVAT: Visual Assessment of Practical Need for Role Based Access Control
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
A simple role mining algorithm
Proceedings of the 2010 ACM Symposium on Applied Computing
Finding and analyzing database user sessions
DASFAA'05 Proceedings of the 10th international conference on Database Systems for Advanced Applications
Efficient run-time solving of RBAC user authorization queries: pushing the envelope
Proceedings of the second ACM conference on Data and Application Security and Privacy
NSS'12 Proceedings of the 6th international conference on Network and System Security
Hi-index | 0.00 |
We consider the distributed access enforcement problem for Role-Based Access Control (RBAC) systems. Such enforcement has become important with RBAC's increasing adoption, and the proliferation of data that needs to be protected. We assess six approaches, each of which has either been proposed in the literature, or is a natural candidate for access enforcement. The approaches are: directed graph, access matrix, authorization recycling, cpol, Bloom filter and cascade Bloom filter. We consider encodings of RBAC sessions in each, and propose and justify a benchmark for the assessment. We present our results from an empirical assessment of time, space and administrative efficiency based on the benchmark. We conclude with inferences we can make regarding the best approach to access enforcement for particular RBAC deployments based on our assessment.