Role approach in access control development with the usage control concept

Authors:
Aneta Poniszewska-Maranda
Affiliations:
Institute of Information Technology, Technical University of Lodz, Poland
Venue:
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Year:
2012

Citing 16
Cited 0

Determining role rights from use cases

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Towards a UML based approach to role engineering

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A scenario-driven role engineering process for functional RBAC roles

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Engineering of Role/Permission Assignments

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
An integrated approach to engineer and enforce context constraints in RBAC environments

ACM Transactions on Information and System Security (TISSEC)
Formal model and policy specification of usage control

ACM Transactions on Information and System Security (TISSEC)
Model driven security: From UML models to access control infrastructures

ACM Transactions on Software Engineering and Methodology (TOSEM)
Distributed usage control

Communications of the ACM - Privacy and security in highly dynamic systems
Role engineering: From design to evolution of security schemes

Journal of Systems and Software
Role Engineering for Enterprise Security Management

Role Engineering for Enterprise Security Management
Scenario-Driven Role Engineering

IEEE Security and Privacy
Implementation of access control model for distributed information systems using usage control

SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Survey: Usage control in computer security: A survey

Computer Science Review

Quantified Score

Hi-index	0.00

Visualization

Abstract

Development of information technology, progress and increase of information flow have the impact on the development of enterprises and require rapid changes in their information systems. Very important stage of data protection in information system is the creation of high level model, satisfying the needs of system protection and security. This paper presents the role engineering aspects of access control for dynamic information systems. The objective is to find the approach of access control to ensure in perspective the global coherence of security rules for all components of an system.