Formal specification for role based access control user/role and role/role relationship management
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Resolving constraint conflicts
Proceedings of the ninth ACM symposium on Access control models and technologies
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
On mutually-exclusive roles and separation of duty
Proceedings of the 11th ACM conference on Computer and communications security
Application security support in the operating system kernel
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Constraint generation for separation of duty
Proceedings of the eleventh ACM symposium on Access control models and technologies
Resiliency policies in access control
Proceedings of the 13th ACM conference on Computer and communications security
Beyond separation of duty: an algebra for specifying high-level security policies
Proceedings of the 13th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
On mutually exclusive roles and separation-of-duty
ACM Transactions on Information and System Security (TISSEC)
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 12th ACM symposium on Access control models and technologies
Towards realizing a formal RBAC model in real systems
Proceedings of the 12th ACM symposium on Access control models and technologies
Context-aware role-based access control in pervasive computing systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Beyond separation of duty: An algebra for specifying high-level security policies
Journal of the ACM (JACM)
Resiliency Policies in Access Control
ACM Transactions on Information and System Security (TISSEC)
Supporting RBAC with XACML+OWL
Proceedings of the 14th ACM symposium on Access control models and technologies
Specification and Enforcement of Static Separation-of-Duty Policies in Usage Control
ISC '09 Proceedings of the 12th International Conference on Information Security
Context RBAC/MAC access control for ubiquitous environment
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
Satisfiability and Resiliency in Workflow Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Automatic conformance checking of role-based access control policies via alloy
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Journal of Systems Architecture: the EUROMICRO Journal
Role inheritance with object-based DSD
International Journal of Internet Technology and Secured Transactions
Conformance checking of dynamic access control policies
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Discretionary and mandatory controls for role-based administration
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
A flexible role-based delegation model using characteristics of permissions
DEXA'05 Proceedings of the 16th international conference on Database and Expert Systems Applications
Specification and validation of authorisation constraints using UML and OCL
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Mutually exclusive permissions in RBAC
International Journal of Internet Technology and Secured Transactions
Enhancing directory virtualization to detect insider activity
Security and Communication Networks
Constraint-enhanced role engineering via answer set programming
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Mobi-CoSWAC: an access control approach for collaborative scientific workflow in mobile environment
ICPCA/SWS'12 Proceedings of the 2012 international conference on Pervasive Computing and the Networked World
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
| Hi-index | 0.00 |
Constraints in access control in general and separation of duty constraints in particular are an important area of research. There are two important issues relating to constraints: their specification and their enforcement. We believe that existing separation of duty specification schemes are rather complicated and that the few enforcement models that exist are unlikely to scale well.We examine the assumptions behind existing approaches to separation of duty and present a combined specification and implementation model for a class of constraints that includes separation of duty constraints. The specification model is set-based and has a simpler syntax than existing approaches. We discuss the enforcement of constraints and the relationship between static, dynamic and historical separation of duty constraints. Finally, we propose a model for a scalable role-based reference monitor, based on dynamic access control structures, that can be used to enforce constraints in an efficient manner.