Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Constraints for role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Control principles and role hierarchies
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Alcoa: the alloy constraint analyzer
Proceedings of the 22nd international conference on Software engineering
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Detecting Conflicts in a Role-Based Delegation Model
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Proceedings of the 2004 ACM symposium on Applied computing
Static analysis of role-based access control in J2EE applications
ACM SIGSOFT Software Engineering Notes
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Formal specification and analysis of JAAS framework
Proceedings of the 2006 international workshop on Software engineering for secure systems
Role-Based access control consistency validation
Proceedings of the 2006 international symposium on Software testing and analysis
Role-based access control for a distributed calculus
Journal of Computer Security - Special issue on CSFW17
When Role Models Have Flaws: Static Validation of Enterprise Security Policies
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
Role-based access control for boxed ambients
Theoretical Computer Science
Synthesising verified access control systems through model checking
Journal of Computer Security
Enabling verification and conformance testing for access control model
Proceedings of the 13th ACM symposium on Access control models and technologies
Role engineering: From design to evolution of security schemes
Journal of Systems and Software
On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Ensuring spatio-temporal access control for real-world applications
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards Trustworthy Delegation in Role-Based Access Control Model
ISC '09 Proceedings of the 12th International Conference on Information Security
Visual specifications of policies and their verification
FASE'03 Proceedings of the 6th international conference on Fundamental approaches to software engineering
Proceedings of the 15th ACM symposium on Access control models and technologies
Constructing authorization systems using assurance management framework
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
User-role reachability analysis of evolving administrative role based access control
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Types for security in a mobile world
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Policy analysis for Administrative Role-Based Access Control
Theoretical Computer Science
Conformance checking of dynamic access control policies
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Evaluating access control policies through model checking
ISC'05 Proceedings of the 8th international conference on Information Security
Validation of policy integration using alloy
ICDCIT'05 Proceedings of the Second international conference on Distributed Computing and Internet Technology
Enhancing directory virtualization to detect insider activity
Security and Communication Networks
PCIEF: a policy conflict identification and evaluation framework
International Journal of Information and Computer Security
Symbolic backward reachability with effectively propositional logic
Formal Methods in System Design
Policy analysis for administrative role based access control without separate administration
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Journal of Computer Security - STM'10
Formal verification of security properties in trust management policy
Journal of Computer Security
Hi-index | 0.00 |
Role-based access control is a powerful and policy-neutral concept for enforcing access control. Many extensions have been proposed, the most significant of which are the decentralised administration of role-based systems and the enforcement of constraints. However, the simultaneous integration of these extensions can cause conflicts in a later system implementation. We demonstrate how we use the Alloy language for the specification of a conflict-free role-based system. This specification provides us at the same time with a suitable basis for further analysis by the Alloy constraint analyser.