An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
Role mining - revealing business roles for security administration using data mining technology
Proceedings of the eighth ACM symposium on Access control models and technologies
Proceedings of the ninth ACM symposium on Access control models and technologies
Access-Control Language for Multidomain Environments
IEEE Internet Computing
Rule support for role-based access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Proceedings of the tenth ACM symposium on Access control models and technologies
ACM Transactions on Information and System Security (TISSEC)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
International Journal of Computer Integrated Manufacturing
International Journal of Computer Integrated Manufacturing
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Incorporating social-cultural contexts in role engineering: an activity theoretic approach
International Journal of Business Information Systems
Towards automatic update of access control policy
LISA'10 Proceedings of the 24th international conference on Large installation system administration
An empirical assessment of approaches to distributed enforcement in role-based access control (RBAC)
Proceedings of the first ACM conference on Data and application security and privacy
Automatic error finding in access-control policies
Proceedings of the 18th ACM conference on Computer and communications security
Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies
ACM Transactions on Information and System Security (TISSEC)
Policy analysis for self-administrated role-based access control
TACAS'13 Proceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems
The administration of users and access rights in large enterprises is a complex and challenging task. Roles are a powerful concept for simplifying access control, but their implementation is normally restricted to single systems and applications. In this article we define Enterprise Roles capable of spanning all IT systems in an organisation. We show how the Enterprise Role-Based Access Control (ERBAC) model exploits the RBAC model outlined in the NIST standard draft [5] and describe its extensions. We have implemented ERBAC as a basic concept of SAM Jupiter, a commercial security administration tool. Based on practical experience with the deployment of Enterprise Roles during SAM implementation projects in large organisations, we have enhanced the ERBAC model by including different ways of parametrising the roles. We show that using parameters can significantly reduce the number of roles needed in an enterprise and simplify the role structure, thereby reducing the administration effort considerably. The enhanced ERBAC features are illustrated by real-life examples.