We describe in more detail than before the reference model for role-based access control introduced by Nyanchama and Osborn, and the role-graph model with its accompanying algorithms, which is one way of implementing role-role relationships. An alternative role insertion algorithm is added, and it is shown how the role creation policies of Fernandez et al. correspond to role addition algorithms in our model. We then use our reference model to provide a taxonomy for kinds of conflict. We then go on to consider in some detail privilege-privilege and role-role conflicts in conjunction with the role graph model. We show how role-role conflicts lead to a partitioning of the role graph into nonconflicting collections that can together be safely authorized to a given user. Finally, in an appendix, we present the role graph algorithms with additional logic to disallow roles that contain conflicting privileges.