Role-Based Access Control Models
Computer
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Handbook of graph grammars and computing by graph transformation: volume I. foundations
Handbook of graph grammars and computing by graph transformation: volume I. foundations
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Dynamic rights: safe extensible access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Integrated constraints and inheritance in DTAC
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
An access control model for simplifying constraint expression
Proceedings of the 7th ACM conference on Computer and communications security
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
A lattice model of secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
A Dynamically Typed Access Control Model
ACISP '98 Proceedings of the Third Australasian Conference on Information Security and Privacy
ACM SIGOPS Operating Systems Review
LOMAC: Low Water-Mark Integrity Protection for COTS Environments
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Representation and reasoning on role-based access control policies with conceptual graphs
ICCS'06 Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application
| Hi-index | 0.00 |
The specification of constraint languages for access control models has proven to be difficult but remains necessary for safety and for mandatory access control policies. While the authorisation relation $(Subject \times Object \rightarrow \pow Right)$ defines the authorised permissions an authorisation schema defines how the various concepts (such as subjects, users, roles, labels) are combined to form a complete access control model.Using examples drawn from common access control models in the literature we extend the authorisation schema of DTAC to define a general formalism for describing authorisation schema for any access control model.Based on our generic authorisation schema we define a new simpler constraint specification language which is as expressive as our previous graphical constraint languages and no more complex to verify.