Role-Based Access Control Models
Computer
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Lattice-Based Access Control Models
Computer
A Model of Authorization for Object-Oriented and Semantic Databases
EDBT '88 Proceedings of the International Conference on Extending Database Technology: Advances in Database Technology
Access Rights Administration in Role-Based Security Systems
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
MAC and UML for secure software design
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
ACM Transactions on Information and System Security (TISSEC)
RBAC-PAT: A Policy Analysis Tool for Role Based Access Control
TACAS '09 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009,
Towards System Integrity Protection with Graph-Based Policy Analysis
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Policy analysis for Administrative Role-Based Access Control
Theoretical Computer Science
Creating objects in the flexible authorization framework
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Resolving information flow conflicts in RBAC systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Flow based interpretation of access control: detection of illegal information flows
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
| Hi-index | 0.00 |
Role-based access control provides a very flexible set of mechanisms for managing the access control of a complex system with many users, objects and applications. In our previous research, we have shown how, given a role graph and security labels for objects, one can test whether or not the system satisfies properties for lattice-based access control. In this paper we give a general mapping, which takes an arbitrary role graph and produces another graph which shows the information flow that can result from the roles defined in the role graph. An extension builds the information flow graph taking user assignments and sessions into account.