Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A model of OASIS role-based access control and its support for active security
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Rule support for role-based access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Research on Description Logic Based Conflict Detection Methods for RB-RBAC Model
Proceedings of the 2006 conference on Advances in Intelligent IT: Active Media Technology 2006
A role and attribute based access control system using semantic web technologies
OTM'07 Proceedings of the 2007 OTM Confederated international conference on On the move to meaningful internet systems - Volume Part II
Management advantages of object classification in role-based access control (RBAC)
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Supporting role based provisioning with rules using OWL and F-logic
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Using description logic to determine seniority among RB-RBAC authorization rules
RSKT'06 Proceedings of the First international conference on Rough Sets and Knowledge Technology
User-managed access control for health care systems
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Automated and efficient analysis of role-based access control with attributes
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Implementing an enterprise business context model for defining mobile broadband policy
Proceedings of the 8th International Conference on Network and Service Management
| Hi-index | 0.00 |
The Role-Based Access Control (RBAC) model is traditionally used to manually assign users to appropriate roles. When the service-providing enterprise has a massive customer base, assigning users to roles ought to be automated. RB-RBAC (Rule-Based RBAC) provides the mechanism to dynamically assign users to roles based on a finite set of authorization rules defined by the enterprise's security policy. These rules may have seniority relation among them, which induces a roles hierarchy. The main contribution of this paper is to explore the possible discrepancies between the Induced Roles Hierarchy and any existing roles hierarchy. The functional impact of existing discrepancies and ways of reconciling them are discussed.