OASIS is a role-based access control architecture for achieving secure interoperation of services in an open, distributed environment. The aim of OASIS is to allow autonomous management domains to specify their own access control policies and to interoperate subject to service level agreements (SLAs). Services define roles and implement formally specified policy to control role activation and service use; users must present the required credentials, in an appropriate context, in order to activate a role or invoke a service. All privileges are derived from roles, which are activated for the duration of a session only. In addition, a role is deactivated immediately if any of the conditions of the membership rule associated with its activation becomes false. These conditions can test the context, thus ensuring active monitoring of security.

To support the management of privileges, OASIS introduces appointment. Users in certain roles are authorized to issue other users with appointment certificates, which may be a prerequisite for activating one or more roles. The conditions for activating a role at a service may include appointment certificates as well as prerequisite roles and constraints on the context. An appointment certificate does not therefore convey privileges directly but can be used as a credential for role activation. The lifetime of appointment certificates is not restricted to the issuing session, so they can be used as long-lived credentials to represent academic and professional qualification, or membership of an organization.

Role-based access control (RBAC), in associating privileges with roles, provides a means of expressing access control that is scalable to large numbers of principals. However, pure RBAC associates privileges only with roles, whereas applications often require more fine-grained access control. Parametrized roles extend the functionality to meet this need.

We motivate our approach and formalise OASIS. We first present the overall architecture through a basic model, followed by an extended model that includes parametrization.
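
The activation and membership rules described in the abstract, modelled in Python as an added example (not code from the OASIS paper or project). The role names, the `medical_qualification` certificate, the ward context and the explicit `recheck` call standing in for immediate deactivation are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Condition builders; each returns a predicate over (session, role parameters).
def has_role(name):                       # prerequisite role active in this session
    return lambda s, p: any(r == name for r, _ in s.active)

def has_appointment(kind, key):           # long-lived certificate bound to a parameter
    return lambda s, p: (kind, p[key]) in s.appointments

def in_context(test):                     # environmental constraint
    return lambda s, p: test(s.context, p)

@dataclass
class Session:
    appointments: set                     # certificates held by the user; outlive sessions
    context: dict                         # environment state visible to the service
    active: set = field(default_factory=set)   # {(role, frozen parameters)}

    def activate(self, policy, role, **params):
        """Activate a role only if every condition of its activation rule holds."""
        ok = all(cond(self, params) for cond, _ in policy[role])
        if ok:
            self.active.add((role, tuple(sorted(params.items()))))
        return ok

    def recheck(self, policy):
        """Drop roles whose membership conditions became false; repeat so that
        roles depending on a dropped prerequisite fall too."""
        dropped, changed = [], True
        while changed:
            changed = False
            for role, params in sorted(self.active):
                held = all(c(self, dict(params)) for c, keep in policy[role] if keep)
                if not held:
                    self.active.discard((role, params))
                    dropped.append(role)
                    changed = True
        return dropped

# Constructed policy: (condition, is_membership_condition) pairs per role.
on_ward = in_context(lambda ctx, p: p["patient"] in ctx["on_ward"])
POLICY = {
    "logged_in": [],
    "doctor": [(has_role("logged_in"), True),
               (has_appointment("medical_qualification", "user"), True)],
    "treating_doctor": [(has_role("doctor"), True), (on_ward, True)],
}
```

The appointment set is held outside the session, so the same certificate can back role activation in a later session, while removing it causes `recheck` to drop `doctor` and, through the prerequisite, `treating_doctor`.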