Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Characteristics of role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Decentralized user-role assignment for Web-based intranets
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Managing role/permission relationships using object access types
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
On the increasing importance of constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
An effective role administration model using organization structure
ACM Transactions on Information and System Security (TISSEC)
A formal framework to elicit roles with business meaning in RBAC systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Role activation management in role based access control
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Hi-index | 0.00 |
This paper describes a structured approach to managing Role-permission relationships for implementing RBAC in large decentralized organizations. The paper begins by outlining the rationale behind this design followed by the description of its two main features. We show how the use of logical objectives (as opposed to physical objects) as targets of permissions can improve ease of use and accuracy of the administration process. We also describe a mechanism for viewing role-permission relationships in the context of organizational structures, which provides an opportunity for bringing about qualitative improvement in RABC implementation. We conclude by summing up the scope and limitations of our approach.