Parents are shared parts of objects: inheritance and encapsulation in SELF
Lisp and Symbolic Computation
Monotonic conflict resolution mechanisms for inheritance
OOPSLA '92 conference proceedings on Object-oriented programming systems, languages, and applications
Role-Based Access Control Models
Computer
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Access Control in a Virtual University
WETICE '99 Proceedings of the 8th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Fine-Grained Access Control with Object-Sensitive Roles
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
A Multiple Hierarchies RBAC Model
CMC '10 Proceedings of the 2010 International Conference on Communications and Mobile Computing - Volume 01
OSDM: an organizational supervised delegation model for RBAC
ISC'12 Proceedings of the 15th international conference on Information Security
Hi-index | 0.00 |
Role-Based Access Control (RBAC) has become the de facto standard for realizing authorization requirements in a wide range of organizations. Existing RBAC models suffer from two main shortcomings; lack of expressiveness of roles/permissions and ambiguities of their hierarchies. Roles/permissions expressiveness is limited since roles do not have the ability to express behaviour and state, while hierarchical RBAC cannot reflect real organizational hierarchies. In this paper, we propose a novel access control model: The Role-Oriented Access Control Model (ROAC), which is based on the concepts of RBAC but inspired by the object-oriented paradigm. ROAC greatly enhances expressiveness of roles and permissions by introducing parameters and methods as members. The hierarchical ROAC model supports selective inheritance of permissions.