Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
Cooperative role-based administration
Proceedings of the eighth ACM symposium on Access control models and technologies
X-GTRBAC admin: a decentralized administration model for enterprise wide access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Modular authorization and administration
ACM Transactions on Information and System Security (TISSEC)
A fine-grained, controllable, user-to-user delegation method in RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Authorization algorithms for the mobility of user-role relationship
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
X-gtrbac admin: A decentralized administration model for enterprise-wide access control
ACM Transactions on Information and System Security (TISSEC)
An effective role administration model using organization structure
ACM Transactions on Information and System Security (TISSEC)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Advanced Permission-Role Relationship in Role-Based Access Control
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Reasoning about dynamic delegation in role based access control systems
DASFAA'11 Proceedings of the 16th international conference on Database systems for advanced applications - Volume Part I
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
Access control model for inter-organizational grid virtual organizations
OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems
Role activation management in role based access control
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
OS-DRAM: a delegation administration model in a decentralized enterprise environment
WAIM '06 Proceedings of the 7th international conference on Advances in Web-Age Information Management
Representation and reasoning on role-based access control policies with conceptual graphs
ICCS'06 Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application
Modeling and inferring on role-based access control policies using data dependencies
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
New concept of authority range for flexible management of role hierarchy
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Policy analysis for self-administrated role-based access control
TACAS'13 Proceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Hi-index | 0.02 |
Role-Based Access Control (RBAC) is a flexible and policy-neutral access control technology. For large systems|with hundreds of roles, thousands of users and millions of permissions|managing roles, users, permissions and their interrelationships is a formidable task that cannot realistically be centralized in a small team of security administrators. An appealing possibility is to use RBAC itself to facilitate decentralized administration of RBAC. The ARBAC97 (administrative RBAC '97)model was recently introduced for this purpose. ARBAC97 has three sub-models called URA97 (for user-role administration), PRA97 (for permission-role administration) and RRA97 (for role-role administration). In this paper we define enhancements to ARBAC97 to give us the new ARBAC99 model. Specifically the URA and PRA sub-models of ARBAC99 introduce significant new features relative to their counterparts in ARBAC97 (while RRA is left unchanged). ARBAC99 incorporates the concept of mobile and immobile users and permissions for the first time in this arena. This paper gives a formal definition of ARBAC99, motivates these enhancements and analyzes several subtle issues that arise in this context.