Role-Based Access Control Models
Computer
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Towards a UML based approach to role engineering
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A rule-based framework for role based delegation
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A Role-Based Access Control for Intranet Security
IEEE Internet Computing
Role-Based Access Control Framework for Network Enterprises
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Engineering of Role/Permission Assignments
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
A role administration system in role-based authorization infrastructures: design and implementation
Proceedings of the 2003 ACM symposium on Applied computing
A composite rbac approach for large, complex organizations
Proceedings of the ninth ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Mobile-driven architecture for managing enterprise security policies
Proceedings of the 44th annual Southeast regional conference
Migrating to optimal RBAC with minimal perturbation
Proceedings of the 13th ACM symposium on Access control models and technologies
Mining roles with semantic meanings
Proceedings of the 13th ACM symposium on Access control models and technologies
Proceedings of the 13th ACM symposium on Access control models and technologies
HyDRo --- Hybrid Development of Roles
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
International Journal of Computer Integrated Manufacturing
A formal framework to elicit roles with business meaning in RBAC systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Edge-RMP: Minimizing administrative assignments for role-based access control
Journal of Computer Security
The role mining problem: A formal perspective
ACM Transactions on Information and System Security (TISSEC)
StateMiner: an efficient similarity-based approach for optimal mining of role hierarchy
Proceedings of the 15th ACM symposium on Access control models and technologies
Mining Roles with Multiple Objectives
ACM Transactions on Information and System Security (TISSEC)
Automating security configuration and administration: an access control perspective
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Mining RBAC roles under cardinality constraint
ICISS'10 Proceedings of the 6th international conference on Information systems security
A policy-based decentralized authorization management framework for cloud computing
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Evolving role definitions through permission invocation patterns
Proceedings of the 18th ACM symposium on Access control models and technologies
Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes
International Journal of Information Security and Privacy
| Hi-index | 0.00 |
In this paper we present an approach to modeling system-centric information in order to facilitate role engineering (RE). In particular, we first discuss the general characteristics of the information required in RE. Afterwards, we discuss two informational flow types among authorities involved in RE process, forward information flow (FIF) and backward information flow (BIF), together with the introduction of an information model which is greatly suitable for use in the backward information flow. System-centic information is incorporated in the information model and UML extension mechanisms are exploited for modeling the information. Not only can the information model provide those different authorities with a method for both analysis of resources and communication of knowledge in the RE process, but it can also help lay a foundation for successful implementations of RBAC.