Role-Based Access Control Models
Computer
Support for discretionary role based access control in ACL-oriented operating systems
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Comparing simple role based access control models and access control lists
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Characteristics of role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
How to do discretionary access control using roles
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Formal specification for role based access control user/role and role/role relationship management
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Protection in operating systems
Communications of the ACM
A model of OASIS role-based access control and its support for active security
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
Power and Permission in Security Systems
Proceedings of the 7th International Workshop on Security Protocols
On permissions, inheritance and role hierarchies
Proceedings of the 10th ACM conference on Computer and communications security
Administrative scope in the graph-based framework
Proceedings of the ninth ACM symposium on Access control models and technologies
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Understanding and developing role-based administrative models
Proceedings of the 12th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Extended privilege inheritance in RBAC
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Formal foundations for hybrid hierarchies in GTRBAC
ACM Transactions on Information and System Security (TISSEC)
A Critique of the ANSI Standard on Role-Based Access Control
IEEE Security and Privacy
RBAC administration in distributed systems
Proceedings of the 13th ACM symposium on Access control models and technologies
An access control reference architecture
Proceedings of the 2nd ACM workshop on Computer security architectures
Spatial Domains for the Administration of Location-based Access Control Policies
Journal of Network and Systems Management
Refinement for administrative policies
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Towards session-aware RBAC administration and enforcement with XACML
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
RAR: A role-and-risk based flexible framework for secure collaboration
Future Generation Computer Systems
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
Automatic error finding in access-control policies
Proceedings of the 18th ACM conference on Computer and communications security
Discretionary and mandatory controls for role-based administration
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Using π-calculus to formalize domain administration of RBAC
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
A modal logic for role-based access control
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Delegation in role-based access control
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
New concept of authority range for flexible management of role hierarchy
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Analyzing temporal role based access control models
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
A new RBAC based access control model for cloud computing
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies
ACM Transactions on Information and System Security (TISSEC)
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
A model for trust-based access control and delegation in mobile clouds
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Hi-index | 0.00 |
We introduce the concept of administrative scope in a role hierarchy and demonstrate that it can be used as a basis for role-based administration. We then develop a family of models for role hierarchy administration (RHA) employing administrative scope as the central concept. We then extend RHA4, the most complex model in the family, to a complete, decentralized model for role-based administration. We show that SARBAC, the resulting role-based administrative model, has significant practical and theoretical advantages over ARBAC97. We also discuss how administrative scope might be applied to the administration of general hierarchical structures, how our model can be used to reduce inheritance in the role hierarchy, and how it can be configured to support discretionary access control features.