Role-Based Access Control Models
Computer
Handbook of graph grammars and computing by graph transformation: volume I. foundations
Handbook of graph grammars and computing by graph transformation: volume I. foundations
Formal specification for role based access control user/role and role/role relationship management
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Handbook of graph grammars and computing by graph transformation: vol. 2: applications, languages, and tools
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Refinements of Graph Transformation Systems via Rule Expressions
TAGT'98 Selected papers from the 6th International Workshop on Theory and Application of Graph Transformations
Access Rights Administration in Role-Based Security Systems
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
A Formal Model for Role-Based Access Control Using Graph Transformation
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Decidability of Safety in Graph-Based Models for Access Control
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
Administrative scope in the graph-based framework
Proceedings of the ninth ACM symposium on Access control models and technologies
Using uml to visualize role-based access control constraints
Proceedings of the ninth ACM symposium on Access control models and technologies
Formal access control analysis in the software development process
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Verifiable composition of access control and application features
Proceedings of the tenth ACM symposium on Access control models and technologies
Graph-based specification of access control policies
Journal of Computer and System Sciences
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Resiliency policies in access control
Proceedings of the 13th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Graph-theoretic method for merging security system specifications
Information Sciences: an International Journal
Theory of Constraints and Application Conditions: From Graphs to High-Level Structures
Fundamenta Informaticae - SPECIAL ISSUE ON ICGT 2004
ACM Transactions on Information and System Security (TISSEC)
Visual modeling and formal specification of constraints of RBAC using semantic web technology
Knowledge-Based Systems
Towards realizing a formal RBAC model in real systems
Proceedings of the 12th ACM symposium on Access control models and technologies
Formal foundations for hybrid hierarchies in GTRBAC
ACM Transactions on Information and System Security (TISSEC)
ACC'08 Proceedings of the WSEAS International Conference on Applied Computing Conference
Towards Modal Logic Formalization of Role-Based Access Control with Object Classes
FORTE '07 Proceedings of the 27th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
Resiliency Policies in Access Control
ACM Transactions on Information and System Security (TISSEC)
Security Violation Detection for RBAC Based Interoperation in Distributed Environment
IEICE - Transactions on Information and Systems
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Transactions on Computational Science IV
Graph-based delegation authorization in workflow
CCDC'09 Proceedings of the 21st annual international conference on Chinese control and decision conference
A system for visual role-based policy modelling
Journal of Visual Languages and Computing
A contribution to user interface modelling based on graph transformations approach
Proceedings of the International Workshop on Enterprises & Organizational Modeling and Simulation
Formalization of RBAC policy with object class hierarchy
ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
Visual specifications of policies and their verification
FASE'03 Proceedings of the 6th international conference on Fundamental approaches to software engineering
Modeling of the role-based access control policy with constraints using description logic
ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I
Constructing authorization systems using assurance management framework
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
A verifiable formal specification for RBAC model with constraints of separation of duty
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Design and implementation of fast access control that supports the separation of duty
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Using π-calculus to formalize domain administration of RBAC
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
An access control language for dynamic systems – model-driven development and verification
SDL'05 Proceedings of the 12th international conference on Model Driven
From graph transformation to software engineering and back
Formal Methods in Software and Systems Modeling
Verification of UML-Based security policy model
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III
Specification and validation of authorisation constraints using UML and OCL
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Representation and reasoning on RBAC: a description logic approach
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
The complexity of discretionary access control
IWSEC'06 Proceedings of the 1st international conference on Security
Category-Based authorisation models: operational semantics and expressive power
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Integration of a cryptographic file system and access control
WISI'06 Proceedings of the 2006 international conference on Intelligence and Security Informatics
Theory of Constraints and Application Conditions: From Graphs to High-Level Structures
Fundamenta Informaticae - SPECIAL ISSUE ON ICGT 2004
CoBAn: A context based model for data leakage prevention
Information Sciences: an International Journal
Formal verification of security properties in trust management policy
Journal of Computer Security
| Hi-index | 0.00 |
Role-Based Access Control (RBAC) is supported directly or in a closely related form, by a number of products. This article presents a formalization of RBAC using graph transformations that is a graphical specification technique based on a generalization of classical string grammars to nonlinear structures. The proposed formalization provides an intuitive description for the manipulation of graph structures as they occur in information systems access control and a precise specification of static and dynamic consistency conditions on graphs and graph transformations. The formalism captures the RBAC models published in the literature, and also allows a uniform treatment of user roles and administrative roles, and a detailed analysis of the decentralization of administrative roles.