Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Control principles and role hierarchies
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Security models for web-based applications
Communications of the ACM
Structured management of role-permission relationships
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
The URA97 Model for Role-Based User-Role Assignment
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
The ARBAC99 Model for Administration of Roles
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Role-based administration of user-role assignment: The URA97 model and its Oracle implementation
Journal of Computer Security
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
Cooperative role-based administration
Proceedings of the eighth ACM symposium on Access control models and technologies
The tees confidentiality model: an authorisation model for identities and roles
Proceedings of the eighth ACM symposium on Access control models and technologies
Role-based access control in ambient and remote space
Proceedings of the ninth ACM symposium on Access control models and technologies
X-GTRBAC admin: a decentralized administration model for enterprise wide access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Modular authorization and administration
ACM Transactions on Information and System Security (TISSEC)
Formal specification of role-based security policies for clinical information systems
Proceedings of the 2005 ACM symposium on Applied computing
Authorization algorithms for the mobility of user-role relationship
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
X-gtrbac admin: A decentralized administration model for enterprise-wide access control
ACM Transactions on Information and System Security (TISSEC)
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
Security Challenges in Adaptive e-Health Processes
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
International Journal of Computer Integrated Manufacturing
Expert Systems with Applications: An International Journal
Reasoning about dynamic delegation in role based access control systems
DASFAA'11 Proceedings of the 16th international conference on Database systems for advanced applications - Volume Part I
Discretionary and mandatory controls for role-based administration
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Role activation management in role based access control
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Using π-calculus to formalize domain administration of RBAC
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
OS-DRAM: a delegation administration model in a decentralized enterprise environment
WAIM '06 Proceedings of the 7th international conference on Advances in Web-Age Information Management
FORBAC: a flexible organisation and role-based access control model for secure information systems
ADVIS'06 Proceedings of the 4th international conference on Advances in Information Systems
| Hi-index | 0.00 |
Role-based access control (RBAC) is recognized as an excellent model for access control in an enterprise environment. In large enterprises, effective RBAC administration is a major issue. ARBAC97 is a well-known solution for decentralized RBAC administration. ARBAC97 authorizes administrative roles by means of role ranges' and prerequisite conditions'. Although attractive and elegant in their own right, we will see that these mechanisms have significant shortcomings.We propose an improved role administration model named ARBAC02 to overcome the weaknesses of ARBAC97. ARBAC02 adopts the organization unit for new user and permission pools independent of role or role hierarchy. It uses a refined prerequisite condition. In addition, we present a bottom-up approach to permission-role administration in contrast to the top-down approach of ARBAC97.