An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
Induced role hierarchies with attribute-based RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
X-GTRBAC admin: a decentralized administration model for enterprise wide access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Proceedings of the ninth ACM symposium on Access control models and technologies
An attribute-based-delegation-model
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Rule support for role-based access control
Proceedings of the tenth ACM symposium on Access control models and technologies
An attribute-based access matrix model
Proceedings of the 2005 ACM symposium on Applied computing
Secure resource sharing on cross-organization collaboration using a novel trust method
Robotics and Computer-Integrated Manufacturing
ROWLBAC: representing role based access control in OWL
Proceedings of the 13th ACM symposium on Access control models and technologies
A Context-Aware Mandatory Access Control Model for Multilevel Security Environments
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Secure mobile agent environments: modelling role assignments
International Journal of Electronic Security and Digital Forensics
International Journal of Computer Integrated Manufacturing
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Research on Description Logic Based Conflict Detection Methods for RB-RBAC Model
Proceedings of the 2006 conference on Advances in Intelligent IT: Active Media Technology 2006
A Semantic-Aware Attribute-Based Access Control Model for Web Services
ICA3PP '09 Proceedings of the 9th International Conference on Algorithms and Architectures for Parallel Processing
MyABDAC: compiling XACML policies for attribute-based database access control
Proceedings of the first ACM conference on Data and application security and privacy
Supporting role based provisioning with rules using OWL and F-logic
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Expert Systems with Applications: An International Journal
A contextual multilevel access control model
International Journal of Internet Technology and Secured Transactions
Using description logic to determine seniority among RB-RBAC authorization rules
RSKT'06 Proceedings of the First international conference on Rough Sets and Knowledge Technology
Web application security gateway with java non-blocking IO
NGITS'06 Proceedings of the 6th international conference on Next Generation Information Technologies and Systems
O2O: virtual private organizations to manage security policy interoperability
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Context-Aware provisional access control
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Semantic access control for corporate mobile devices
ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part II
A framework integrating attribute-based policies into role-based access control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Automated and efficient analysis of role-based access control with attributes
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
A unified attribute-based access control model covering DAC, MAC and RBAC
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
RABAC: role-centric attribute-based access control
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes
International Journal of Information Security and Privacy
| Hi-index | 0.00 |
The Role-Based Access Control (RBAC) model istraditionally used to manually assign users to appropriateroles, based on a specific enterprise policy, therebyauthorizing them to use the roles' permissions. Inenvironments where the service-providing enterprise hasa huge customer base this task becomes formidable. Anappealing solution is to automatically assign users toroles. The central contribution of this paper is to describea model to dynamically assign users to roles based on afinite set of rules defined by the enterprise. These rulestake into consideration the attributes of users and anyconstraints set forth by the enterprise's security policy.The model also allows dynamic revocation of assignedroles based on conditions specified in the security policy.The model provides a language to express these rules anddefines a mechanism to determine seniority amongdifferent rules. The paper also shows how to use themodel to express Mandatory Access Controls (MAC).