Role-Based Access Control Models
Computer
Role based access control with the security administration manager (SAM)
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
A role-based access control model for protection domain derivation and management
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Determining role rights from use cases
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Implementing role-based access control using object technology
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Requirements for access control: US Healthcare domain
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Towards a UML based approach to role engineering
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Napoleon: network application policy environment
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
On modeling system-centric information for role engineering
Proceedings of the eighth ACM symposium on Access control models and technologies
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
A role administration system in role-based authorization infrastructures: design and implementation
Proceedings of the 2003 ACM symposium on Applied computing
Mesmerize: an open framework for enterprise security management
ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
A composite rbac approach for large, complex organizations
Proceedings of the ninth ACM symposium on Access control models and technologies
Proceedings of the tenth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Mobile-driven architecture for managing enterprise security policies
Proceedings of the 44th annual Southeast regional conference
Role engineering using graph optimisation
Proceedings of the 12th ACM symposium on Access control models and technologies
A cost-driven approach to role engineering
Proceedings of the 2008 ACM symposium on Applied computing
Migrating to optimal RBAC with minimal perturbation
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
Proceedings of the 13th ACM symposium on Access control models and technologies
Role engineering: From design to evolution of security schemes
Journal of Systems and Software
BusiROLE: A Model for Integrating Business Roles into Identity Management
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
HyDRo --- Hybrid Development of Roles
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
A formal framework to elicit roles with business meaning in RBAC systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
A probabilistic approach to hybrid role mining
Proceedings of the 16th ACM conference on Computer and communications security
Strengthening employee's responsibility to enhance governance of IT: COBIT RACI chart case study
Proceedings of the first ACM workshop on Information security governance
Management advantages of object classification in role-based access control (RBAC)
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
The role mining problem: A formal perspective
ACM Transactions on Information and System Security (TISSEC)
Role mining in the presence of noise
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Mining Roles with Multiple Objectives
ACM Transactions on Information and System Security (TISSEC)
Incorporating social-cultural contexts in role engineering: an activity theoretic approach
International Journal of Business Information Systems
Automating security configuration and administration: an access control perspective
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
A new role mining framework to elicit business roles and to mitigate enterprise risk
Decision Support Systems
Mining RBAC roles under cardinality constraint
ICISS'10 Proceedings of the 6th international conference on Information systems security
Integrating business process modelling and ERP role engineering
International Journal of Business Information Systems
Role engineering: from theory to practice
Proceedings of the second ACM conference on Data and Application Security and Privacy
A framework for modeling organization structure in role engineering
PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
Role approach in access control development with the usage control concept
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Evolving role definitions through permission invocation patterns
Proceedings of the 18th ACM symposium on Access control models and technologies
Toward mining of temporal roles
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
An optimization framework for role mining
Journal of Computer Security
| Hi-index | 0.00 |
In this paper we describe the work in progress with a process-oriented approach for role-finding to implement Role-Based Security Administration. Our results stem from using a recently proposed role model and procedural model at Siemens AG ICN, a large industrial organization.The core of this paper presents the data model, which integrates business processes, role based security administration and access control. Moreover, a structured top-down approach is outlined which is the basis for derivation of suitable business roles from enterprise process models.A brief description is given on how these results may be used to first build the Role Catalog and then support the implementation of RBAC and a single point of administration and control, using a cross-platform administration tool.