Role-Based Access Control Models
Computer
Joint actions based authorization schemes
ACM SIGOPS Operating Systems Review
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Issues in the Design of a Language for Role Based Access Control
ICICS '99 Proceedings of the Second International Conference on Information and Communication Security
Authorization in Enterprise-Wide Distributed System: A Practical Design and Application
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Logic For State Transformations in Authorization Policies
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Comparative Study of Policy Specification Languages for Secure Distributed Applications
DSOM '02 Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications
MMNS '02 Proceedings of the 5th IFIP/IEEE International Conference on Management of Multimedia Networks and Services: Management of Multimedia on the Internet
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
A Policy Language for the Management of Distributed Agents
AOSE '01 Revised Papers and Invited Contributions from the Second International Workshop on Agent-Oriented Software Engineering II
PoP -- An Automated Policy Replacement Architecture for PBNM
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Authorization and trust enhanced security for distributed applications
ICISS'05 Proceedings of the First international conference on Information Systems Security
Comparison of policy specification languages for access control
Proceedings of the CUBE International Information Technology Conference
PCIEF: a policy conflict identification and evaluation framework
International Journal of Information and Computer Security
Hi-index | 0.01 |
A language for specifying role-based access control (RBAC) policies is presented. The language is designed to support the range of access control policies of commercial object systems. The basic structures of RBAC, such as role, users and permission, are present in the language as basic constructs. Examples are given in the language of access control situations, such as static and dynamic separation of duty, delegation and joint action based access policies. The language is flexible and is able to capture meta-level operations. The language also provides a mechanism for tracking actions and basing access control decisions on past events.