Configuring role-based access control to enforce mandatory and discretionary access control policies

The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control

Engineering authority and trust in cyberspace: the OM-AM and RBAC way

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control

Panel: which access control technique will provide the greatest overall benefit

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies

An argument for the role-based access control model

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies

Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)

Role-based access control on the web

ACM Transactions on Information and System Security (TISSEC)

TRBAC: A temporal role-based access control model

ACM Transactions on Information and System Security (TISSEC)

Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)

Design and implementation of a flexible RBAC-service in an object-oriented scripting language

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security

Temporal hierarchies and inheritance semantics for GTRBAC

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies

Information sharing and security in dynamic coalitions

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies

A model for role administration using organization structure

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies

Information flow analysis of an RBAC system

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies

A graph-based formalism for RBAC

ACM Transactions on Information and System Security (TISSEC)

The economics of information security investment

ACM Transactions on Information and System Security (TISSEC)

Integrating role graphs: a tool for security integration

Data & Knowledge Engineering - Data and applications security

XML-Based Distributed Access Control System

EC-WEB '02 Proceedings of the Third International Conference on E-Commerce and Web Technologies

Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures

Future Directions in Role-Based Access Control Models

MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security

Administrative scope: A foundation for role-based administrative models

ACM Transactions on Information and System Security (TISSEC)

Dependencies and separation of duty constraints in GTRBAC

Proceedings of the eighth ACM symposium on Access control models and technologies

The economic cost of publicly announced information security breaches: empirical evidence from the stock market

Journal of Computer Security - IFIP 2000

Security and privacy issues of handheld and wearable wireless devices

Communications of the ACM - Why CS students need math

On permissions, inheritance and role hierarchies

Proceedings of the 10th ACM conference on Computer and communications security

An approach to secure information flow on Object Oriented Role-based Access Control model

Proceedings of the 2003 ACM symposium on Applied computing

Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms

Electronic Commerce Research

A policy-based security framework for Web-enabled applications

ISICT '03 Proceedings of the 1st international symposium on Information and communication technologies

Embedding role-based access control model in object-oriented systems to protect privacy

Journal of Systems and Software

XML-Based Specification for Web Services Document Security

Computer

A role-based approach to access control for XML databases

Proceedings of the ninth ACM symposium on Access control models and technologies

X-GTRBAC admin: a decentralized administration model for enterprise wide access control

Proceedings of the ninth ACM symposium on Access control models and technologies

A compressed accessibility map for XML

ACM Transactions on Database Systems (TODS)

MAC and UML for secure software design

Proceedings of the 2004 ACM workshop on Formal methods in security engineering

Comparing the expressive power of access control models

Proceedings of the 11th ACM conference on Computer and communications security

Access-Control Language for Multidomain Environments

IEEE Internet Computing

A Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Knowledge and Data Engineering

Providing flexible access control to an information flow control model

Journal of Systems and Software

Simulation Verification and Validation by Dynamic Policy Enforcement

ANSS '05 Proceedings of the 38th annual Symposium on Simulation

Composing and combining policies under the policy machine

Proceedings of the tenth ACM symposium on Access control models and technologies

X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control

ACM Transactions on Information and System Security (TISSEC)

Mediation security specification and enforcement for heterogeneous databases

Proceedings of the 2005 ACM symposium on Applied computing

Component based trust management in the context of a virtual organization

Proceedings of the 2005 ACM symposium on Applied computing

An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Dependable and Secure Computing

An information flow control model for C applications based on access control lists

Journal of Systems and Software

Towards end-to-end privacy control in the outsourcing of marketing activities: a web service integration solution

ICEC '05 Proceedings of the 7th international conference on Electronic commerce

Secure Interoperation in a Multidomain Environment Employing RBAC Policies

IEEE Transactions on Knowledge and Data Engineering

Secure information sharing enabled by Trusted Computing and PEI models

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security

Fine-grained role-based delegation in presence of the hybrid role hierarchy

Proceedings of the eleventh ACM symposium on Access control models and technologies

Data-centric security: role analysis and role typestates

Proceedings of the eleventh ACM symposium on Access control models and technologies

Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy

Proceedings of the eleventh ACM symposium on Access control models and technologies

Managing role relationships in an information flow control model

Journal of Systems and Software

An effective role administration model using organization structure

ACM Transactions on Information and System Security (TISSEC)

Simulation Verification and Validation by Dynamic Policy Specification and Enforcement

Simulation

Formal foundations for hybrid hierarchies in GTRBAC

ACM Transactions on Information and System Security (TISSEC)

Role-based 3D visualisation for asynchronous PLM collaboration

Computers in Industry

A theory for comparing the expressive power of access control models

Journal of Computer Security

Role management in adhoc networks

SpringSim '07 Proceedings of the 2007 spring simulaiton multiconference - Volume 1

Describing access control models as design patterns using roles

Proceedings of the 2006 conference on Pattern languages of programs

Personalized access control for a personally controlled health record

Proceedings of the 2nd ACM workshop on Computer security architectures

Requirements of federated trust management for service-oriented architectures

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services

Security Violation Detection for RBAC Based Interoperation in Distributed Environment

IEICE - Transactions on Information and Systems

Separation of Duty in Trust-Based Collaboration

Information Security and Cryptology

DPMF: A policy management framework for heterogeneous authorization systems in grid environments

Multiagent and Grid Systems - Content management and delivery through P2P-based content networks

Database Intrusion Detection Using Role Profiling with Role Hierarchy

SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management

Multi-Level modeling and access control for data sharing in collaborative design

Advanced Engineering Informatics

Granular computing and flow analysis on discretionary access control: solving the propagation problem

SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics

Management advantages of object classification in role-based access control (RBAC)

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security

An integrated model for access control and information flow requirements

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security

Authorization constraints specification of RBAC

WISA'07 Proceedings of the 8th international conference on Information security applications

A compositional multiple policies operating system security model

WISA'07 Proceedings of the 8th international conference on Information security applications

Personalizing access control by generalizing access control

Proceedings of the 15th ACM symposium on Access control models and technologies

Group-centric models for secure and agile information sharing

MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security

SecurOntology: A semantic web access control framework

Computer Standards & Interfaces

Towards automatic update of access control policy

LISA'10 Proceedings of the 24th international conference on Large installation system administration

Cryptographic enforcement of role-based access control

FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust

The Policy Machine: A novel architecture and framework for access control policy specification and enforcement

Journal of Systems Architecture: the EUROMICRO Journal

Types for role-based access control of dynamic web data

WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming

Chameleon: a model of identification, authorization and accountability for ubicomp

UIC'11 Proceedings of the 8th international conference on Ubiquitous intelligence and computing

Access Control Policy Translation, Verification, and Minimization within Heterogeneous Data Federations

ACM Transactions on Information and System Security (TISSEC)

An auto-delegation mechanism for access control systems

STM'10 Proceedings of the 6th international conference on Security and trust management

A network security policy model and its realization mechanism

Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology

Resolving information flow conflicts in RBAC systems

DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security

Authrule: a generic rule-based authorization module

DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security

λ-RBAC: programming with role-based access control

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II

The research for spatial role-based access control model

ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV

Role-based modelling of interactions in database applications

CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering

Security and trust requirements engineering

Foundations of Security Analysis and Design III

Feasibility study of software reengineering towards role-based access control

International Journal of Computer Applications in Technology

Inconsistency detection of authorization policies in distributed component environment

WISA'04 Proceedings of the 5th international conference on Information Security Applications

Automatic enforcement of access control policies among dynamic coalitions

ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology

Ontology-Based RBAC specification for interoperation in distributed environment

ASWC'06 Proceedings of the First Asian conference on The Semantic Web

Enforce mandatory access control policy on XML documents

ICICS'05 Proceedings of the 7th international conference on Information and Communications Security

Web application security gateway with java non-blocking IO

NGITS'06 Proceedings of the 6th international conference on Next Generation Information Technologies and Systems

The complexity of discretionary access control

IWSEC'06 Proceedings of the 1st international conference on Security

An attribute graph based approach to map local access control policies to credential based access control policies

ICISS'05 Proceedings of the First international conference on Information Systems Security

A security management information model derivation framework: from goals to configurations

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust

A policy-based decentralized authorization management framework for cloud computing

Proceedings of the 27th Annual ACM Symposium on Applied Computing

A trust-and-risk aware RBAC framework: tackling insider threat

Proceedings of the 17th ACM symposium on Access Control Models and Technologies

Decentralized governance of distributed systems via interaction control

Logic Programs, Norms and Action

A new RBAC based access control model for cloud computing

GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing

The need for application-aware access control evaluation

Proceedings of the 2012 workshop on New security paradigms

Taking value-networks to the cloud services: security services, semantics and service level agreements

Information Systems and e-Business Management

Policy administration in tag-based authorization

FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security

Enforcing Minimum Necessary Access in Healthcare Through Integrated Audit and Access Control

Proceedings of the International Conference on Bioinformatics, Computational Biology and Biomedical Informatics

On the suitability of dissemination-centric access control systems for group-centric sharing

Proceedings of the 4th ACM conference on Data and application security and privacy