Future directions in role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Implementing role-based access control using object technology
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Referee: trust management for Web applications
World Wide Web Journal - Special issue: Web security: a matter of trust
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
The role of trust management in distributed systems security
Secure Internet programming
Reasoning About Security: A Logic and a Decision Method for Role-Based Access Control
ECSQARU/FAPR '97 Proceedings of the First International Joint Conference on Qualitative and Quantitative Practical Reasoning
Authorization and Attribute Certificates for Widely Distributed Access Control
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
KeyNote: Trust Management for Public-Key Infrastructures (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
A Formal Model for Role-Based Access Control with Constraints
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A security policy model for clinical information systems
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
A Knowledge-Based Approach to Internet Authorizations
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
An RBAC Based Policy Enforcement Coordination Model in Internet Environment
EDCIS '02 Proceedings of the First International Conference on Engineering and Deployment of Cooperative Information Systems
Collaborative business and data privacy: toward a cyber-control?
Computers in Industry - Special issue: The digital factory: an instrument of the present and the future
A security policy framework for context-aware and user preferences in e-services
Journal of Systems Architecture: the EUROMICRO Journal
Instance-level access control for business-to-business electronic commerce
IBM Systems Journal
Collaborative business and data privacy: Toward a cyber-control?
Computers in Industry - Special issue: The digital factory: an instrument of the present and the future
| Hi-index | 0.24 |
In this paper, the approaches to introducing security policy into Role-Based Access Control (RBAC) and the Common Data Security Architecture (CDSA) are proposed. We apply security policy to a role's privileges in RBAC. An extended RBAC using PKI and role-assignment policy is described. The improved CDSA supports user-definable trust policy enforcement using trust policy description files. A policy-based CDSA is also presented. Furthermore, a role definition language is given, and a policy representation language is discussed.