Design of secure medical database systems
Information systems security
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Reconciling role based management and role based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role templates for content-based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Requirements for access control: US Healthcare domain
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Using digital certificates for access control in clinical intranet applications
Technology and Health Care - Special issue on abstracts of MEDNET 2000, the 5th world congress on the Internet in medicine, Brussels, 23&nash;26 November 2000
eMEDAC: Role-based Access Control Supporting Discretionary and Mandatory Features
Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A role-based delegation framework for healthcare information systems
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
An approach to engineer and enforce context constraints in an RBAC environment
Proceedings of the eighth ACM symposium on Access control models and technologies
A stratification-based approach for handling conflicts in access control
Proceedings of the eighth ACM symposium on Access control models and technologies
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
Access control in collaborative systems
ACM Computing Surveys (CSUR)
Formal specification of role-based security policies for clinical information systems
Proceedings of the 2005 ACM symposium on Applied computing
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Redirection policies for mission-based information sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
On spatio-temporal constraints and inheritance in role-based access control
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Context-aware role-based access control in pervasive computing systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Access control by action control
Proceedings of the 13th ACM symposium on Access control models and technologies
Role engineering: From design to evolution of security schemes
Journal of Systems and Software
A Study on How to Classify the Security Rating of Medical Information Neural Network
ISNN '07 Proceedings of the 4th international symposium on Neural Networks: Part II--Advances in Neural Networks
A Context-Aware Mandatory Access Control Model for Multilevel Security Environments
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Uncle-Share: Annotation-Based Access Control for Cooperative and Social Systems
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
Dynamic, context-aware, least-privilege grid delegation
GRID '07 Proceedings of the 8th IEEE/ACM International Conference on Grid Computing
Action Control by Term Rewriting
Electronic Notes in Theoretical Computer Science (ENTCS)
Law-aware access control for international financial environments
Proceedings of the Eighth ACM International Workshop on Data Engineering for Wireless and Mobile Access
Context-Based Constraints in Security: Motivations and First Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
Utilizing Semantic Knowledge for Access Control in Pervasive and Ubiquitous Systems
Mobile Networks and Applications
A generic framework for context-based distributed authorizations
CONTEXT'03 Proceedings of the 4th international and interdisciplinary conference on Modeling and using context
A security framework for a workflow-based grid development platform
Computer Standards & Interfaces
Detection of anomalous insiders in collaborative environments via relational analysis of access logs
Proceedings of the first ACM conference on Data and application security and privacy
Modeling process-related RBAC models with extended UML activity models
Information and Software Technology
Integrating constraints to support legally flexible business processes
Information Systems Frontiers
Dynamic access control administration for collaborative applications
ICCOMP'06 Proceedings of the 10th WSEAS international conference on Computers
A contextual multilevel access control model
International Journal of Internet Technology and Secured Transactions
Prox-RBAC: a proximity-based spatially aware RBAC
Proceedings of the 19th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems
ISWC'06 Proceedings of the 5th international conference on The Semantic Web
A practical aspect framework for enforcing fine-grained access control in web applications
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
FORBAC: a flexible organisation and role-based access control model for secure information systems
ADVIS'06 Proceedings of the 4th international conference on Advances in Information Systems
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Context-awareness: exploring the imperative shared context of security and ubiquitous computing
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
Information Systems and e-Business Management
An information flow control meta-model
Proceedings of the 18th ACM symposium on Access control models and technologies
Proceedings of the 18th ACM symposium on Access control models and technologies
Generic support for RBAC break-glass policies in process-aware information systems
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Modelling context-aware RBAC models for mobile business processes
International Journal of Wireless and Mobile Computing
An infrastructure for secure sharing of medical images between PACS and EHR systems
CASCON '13 Proceedings of the 2013 Conference of the Center for Advanced Studies on Collaborative Research
Future Generation Computer Systems
Behavior-based access control for distributed healthcare systems
Journal of Computer Security
| Hi-index | 0.00 |
We discuss the integration of contextual information with team-based access control. The TMAC model was formulated by Thomas in [1] to provide access control for collaborative activity best accomplished by teams of users. In TMAC, access control revolves around teams, where a "team" is an abstraction that encapsulates a collection of users in specific roles and collaborating with the objective of accomplishing a specific task or goal. Users who belong to a team are given access to resources used by a team. However, the effective permissions of a user are always derived from permission types defined for roles that the user belongs to. TMAC is an example of what we call "active security models". These models are aware of the context associated with an ongoing activity in providing access control and thus distinguish the passive concept of permission assignment from the active concept of context-based permission activation. The ability to integrate contextual information allows models such as TMAC to be flexible and express a variety of access policies that can provide tight and just-in-time permission activation.