Role-based access control and the access control matrix

Authors:
G. Saunders;M. Hitchens;V. Varadharajan
Affiliations:
University of Sydney, Australia;University of Western Sydney (Nepean), Australia;University of Western Sydney (Nepean), Australia
Venue:
ACM SIGOPS Operating Systems Review
Year:
2001

Citing 9
Cited 4

Role-Based Access Control Models

Computer
A unified framework for enforcing multiple access control policies

SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Protection in operating systems

Communications of the ACM
Capability-based addressing

Communications of the ACM
Programming semantics for multiprogrammed computations

Communications of the ACM
Lattice-Based Access Control Models

Computer
Protection in Grasshopper: A Persistent Operating System

Proceedings of the Sixth International Workshop on Persistent Object Systems
Protection

ACM SIGOPS Operating Systems Review

Composing and combining policies under the policy machine

Proceedings of the tenth ACM symposium on Access control models and technologies
Role engineering using graph optimisation

Proceedings of the 12th ACM symposium on Access control models and technologies
Access Policy Design Supported by FCA Methods

ICCS '09 Proceedings of the 17th International Conference on Conceptual Structures: Conceptual Structures: Leveraging Semantic Technologies
RBAC-Matrix-Based EMR Right Management System to Improve HIPAA Compliance

Journal of Medical Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Access Matrix is a useful model for understanding the behaviour and properties of access control systems. While the matrix is rarely implemented, access control in real systems is usually based on access control mechanisms, such as access control lists or capabilities, that have clear relationships with the matrix model. In recent times a great deal of interest has been shown in Role Based Access Control (RBAC) models. However, the relationship between RBAC models and the Access Matrix is not clear. In this paper we present a model of RBAC based on the Access Matrix which makes the relationships between the two explicit. In the process of constructing this model, some fundamental similarities between certain capability models and RBAC are revealed.