RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
An architecture for distributed OASIS services
IFIP/ACM International Conference on Distributed systems platforms
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Structured management of role-permission relationships
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Dynamic Policy Model for Large Evolving Enterprises
EDOC '01 Proceedings of the 5th IEEE International Conference on Enterprise Distributed Object Computing
RBAC on the Web by Secure Cookies
Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
The ARBAC99 Model for Administration of Roles
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Role-Based Access Control
X-GTRBAC admin: a decentralized administration model for enterprise wide access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Separation of duties for access control enforcement in workflow environments
IBM Systems Journal - End-to-end security
Secure role activation and authorization in the enterprise environment
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Hi-index | 0.00 |
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies in organizations. In RBAC, users are not directly assigned permission but with the use of roles as the intermediary. Role activation is one important component in RBAC. A user may activate a subset of his/her assigned roles to exercise the associated permission. This paper proposes a number of ways in which the role activation constraints can be specified and enforced in the enterprise environment. Also, an access control model and an authorization process are proposed to support the specification and enforcement of dynamic separation of duty constraints in a decentralized manner.