SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
Role-Based Access Control Models
Computer
Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots
Supporting relationships in access control using role based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A Policy Based Role Object Model
EDOC '97 Proceedings of the 1st International Conference on Enterprise Distributed Object Computing
A Context-Sensitive Access Control Model and Prototype Implementation
Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
Role-based security for distributed object systems
WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
Generalized Role-Based Access Control
ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Purpose based access control of complex data for privacy protection
Proceedings of the tenth ACM symposium on Access control models and technologies
IEEE Transactions on Dependable and Secure Computing
Purpose based access control for privacy protection in relational database systems
The VLDB Journal — The International Journal on Very Large Data Bases
A Context-Aware Mandatory Access Control Model for Multilevel Security Environments
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Enforcing role based access control model with multimedia signatures
Journal of Systems Architecture: the EUROMICRO Journal
Context-Based Constraints in Security: Motivations and First Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
Management advantages of object classification in role-based access control (RBAC)
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Evaluating access control of open source electronic health record systems
Proceedings of the 3rd Workshop on Software Engineering in Health Care
A feature-based approach for modeling role-based access control systems
Journal of Systems and Software
Conformance checking of dynamic access control policies
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
A contextual multilevel access control model
International Journal of Internet Technology and Secured Transactions
LoT-RBAC: a location and time-based RBAC model
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
A semantic context-aware access control in pervasive environments
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part II
Spatial context in role-based access control
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Situation-based policy enforcement
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
RABAC: role-centric attribute-based access control
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
FENCE: continuous access control enforcement in dynamic data stream environments
Proceedings of the third ACM conference on Data and application security and privacy
Hi-index | 0.00 |
This paper describes an extended role-based access control (RBAC) model, which makes RBAC sensitive to the context of an attempted operation. Traditional RBAC does not specify whether the permissions associated with a role enable access to a particular object, or to some subset of objects belonging to a class. We extend the model by introducing the notions of role context and context filters. Context filters are Boolean expressions based on the context of the user attempting the operation, as well as the context of the object upon which the operation is attempted. By supplying context filters during the definition of a role, a security administrator can easily limit the applicability of users' role memberships to particular subsets of the target objects. We also describe our implementation of the model in a web-services platform, to illustrate how this technique is particularly valuable when the data is hierarchically structured.