Role-Based Access Control Models
Computer
Modeling mandatory access control in role-based security systems
Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects
Mandatory access control and role-based access control revisited
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
On the interaction between role-based access control and relational databases
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
How to do discretionary access control using roles
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A lattice model of secure information flow
Communications of the ACM
Lattice-Based Access Control Models
Computer
Access Rights Administration in Role-Based Security Systems
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
Role Hierarchies and Constraints for Lattice-Based Access Controls
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Administrative models for role-based access control
Administrative models for role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Panel: which access control technique will provide the greatest overall benefit
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
An argument for the role-based access control model
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Design and implementation of a flexible RBAC-service in an object-oriented scripting language
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Temporal hierarchies and inheritance semantics for GTRBAC
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Information flow analysis of an RBAC system
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Integrating role graphs: a tool for security integration
Data & Knowledge Engineering - Data and applications security
XML-Based Distributed Access Control System
EC-WEB '02 Proceedings of the Third International Conference on E-Commerce and Web Technologies
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Future Directions in Role-Based Access Control Models
MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
Dependencies and separation of duty constraints in GTRBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Journal of Computer Security - IFIP 2000
Security and privacy issues of handheld and wearable wireless devices
Communications of the ACM - Why CS students need math
On permissions, inheritance and role hierarchies
Proceedings of the 10th ACM conference on Computer and communications security
An approach to secure information flow on Object Oriented Role-based Access Control model
Proceedings of the 2003 ACM symposium on Applied computing
Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms
Electronic Commerce Research
A policy-based security framework for Web-enabled applications
ISICT '03 Proceedings of the 1st international symposium on Information and communication technologies
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
A role-based approach to access control for XML databases
Proceedings of the ninth ACM symposium on Access control models and technologies
X-GTRBAC admin: a decentralized administration model for enterprise wide access control
Proceedings of the ninth ACM symposium on Access control models and technologies
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
MAC and UML for secure software design
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
Access-Control Language for Multidomain Environments
IEEE Internet Computing
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
Providing flexible access control to an information flow control model
Journal of Systems and Software
Simulation Verification and Validation by Dynamic Policy Enforcement
ANSS '05 Proceedings of the 38th annual Symposium on Simulation
Composing and combining policies under the policy machine
Proceedings of the tenth ACM symposium on Access control models and technologies
ACM Transactions on Information and System Security (TISSEC)
Mediation security specification and enforcement for heterogeneous databases
Proceedings of the 2005 ACM symposium on Applied computing
Component based trust management in the context of a virtual organization
Proceedings of the 2005 ACM symposium on Applied computing
IEEE Transactions on Dependable and Secure Computing
An information flow control model for C applications based on access control lists
Journal of Systems and Software
ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Fine-grained role-based delegation in presence of the hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Data-centric security: role analysis and role typestates
Proceedings of the eleventh ACM symposium on Access control models and technologies
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Managing role relationships in an information flow control model
Journal of Systems and Software
An effective role administration model using organization structure
ACM Transactions on Information and System Security (TISSEC)
Formal foundations for hybrid hierarchies in GTRBAC
ACM Transactions on Information and System Security (TISSEC)
Role-based 3D visualisation for asynchronous PLM collaboration
Computers in Industry
A theory for comparing the expressive power of access control models
Journal of Computer Security
Role management in adhoc networks
SpringSim '07 Proceedings of the 2007 spring simulaiton multiconference - Volume 1
Describing access control models as design patterns using roles
Proceedings of the 2006 conference on Pattern languages of programs
Personalized access control for a personally controlled health record
Proceedings of the 2nd ACM workshop on Computer security architectures
Requirements of federated trust management for service-oriented architectures
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Security Violation Detection for RBAC Based Interoperation in Distributed Environment
IEICE - Transactions on Information and Systems
Separation of Duty in Trust-Based Collaboration
Information Security and Cryptology
DPMF: A policy management framework for heterogeneous authorization systems in grid environments
Multiagent and Grid Systems - Content management and delivery through P2P-based content networks
Database Intrusion Detection Using Role Profiling with Role Hierarchy
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Multi-Level modeling and access control for data sharing in collaborative design
Advanced Engineering Informatics
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Management advantages of object classification in role-based access control (RBAC)
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
An integrated model for access control and information flow requirements
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Authorization constraints specification of RBAC
WISA'07 Proceedings of the 8th international conference on Information security applications
A compositional multiple policies operating system security model
WISA'07 Proceedings of the 8th international conference on Information security applications
Personalizing access control by generalizing access control
Proceedings of the 15th ACM symposium on Access control models and technologies
Group-centric models for secure and agile information sharing
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
SecurOntology: A semantic web access control framework
Computer Standards & Interfaces
Towards automatic update of access control policy
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Cryptographic enforcement of role-based access control
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Journal of Systems Architecture: the EUROMICRO Journal
Types for role-based access control of dynamic web data
WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming
Chameleon: a model of identification, authorization and accountability for ubicomp
UIC'11 Proceedings of the 8th international conference on Ubiquitous intelligence and computing
ACM Transactions on Information and System Security (TISSEC)
An auto-delegation mechanism for access control systems
STM'10 Proceedings of the 6th international conference on Security and trust management
A network security policy model and its realization mechanism
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Resolving information flow conflicts in RBAC systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Authrule: a generic rule-based authorization module
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
λ-RBAC: programming with role-based access control
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
The research for spatial role-based access control model
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Role-based modelling of interactions in database applications
CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering
Security and trust requirements engineering
Foundations of Security Analysis and Design III
Feasibility study of software reengineering towards role-based access control
International Journal of Computer Applications in Technology
Inconsistency detection of authorization policies in distributed component environment
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Automatic enforcement of access control policies among dynamic coalitions
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
Ontology-Based RBAC specification for interoperation in distributed environment
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
Enforce mandatory access control policy on XML documents
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Web application security gateway with java non-blocking IO
NGITS'06 Proceedings of the 6th international conference on Next Generation Information Technologies and Systems
The complexity of discretionary access control
IWSEC'06 Proceedings of the 1st international conference on Security
ICISS'05 Proceedings of the First international conference on Information Systems Security
A security management information model derivation framework: from goals to configurations
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
A policy-based decentralized authorization management framework for cloud computing
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A trust-and-risk aware RBAC framework: tackling insider threat
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Decentralized governance of distributed systems via interaction control
Logic Programs, Norms and Action
A new RBAC based access control model for cloud computing
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
The need for application-aware access control evaluation
Proceedings of the 2012 workshop on New security paradigms
Information Systems and e-Business Management
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Enforcing Minimum Necessary Access in Healthcare Through Integrated Audit and Access Control
Proceedings of the International Conference on Bioinformatics, Computational Biology and Biomedical Informatics
On the suitability of dissemination-centric access control systems for group-centric sharing
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general enough to simulate the traditional methods. In this paper we provide systematic constructions for various common forms of both of the traditional access control paradigms using the role-based access control (RBAC) models of Sandhu et al., commonly called RBAC96. We see that all of the features of the RBAC96 model are required, and that although for the manatory access control simulation, only one administrative role needs to be assumed, for the discretionary access control simulations, a complex set of administrative roles is required.