Policy Storage for Role-Based Access Control Systems
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
lightweight decentralized authorization model for inter-domain collaborations
Proceedings of the 2007 ACM workshop on Secure web services
Paralocks: role-based information flow control and beyond
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Collaboration for human-centric eGovernment workflows
WISE'07 Proceedings of the 2007 international conference on Web information systems engineering
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Many RBAC models have augmented the fundamental requirement of a role abstraction with features such as parameterised roles and environment-aware policy. This paper examines the potential for unintentional leakage of information during RBAC policy enforcement, either through the exchange of parameters with external services when checking environmental conditions, or through a policy design which does not appropriately separate policy subsections with different basic purposes. We propose a simple, robust mechanism for handling these problems, and illustrate our approach with a current application of our OASIS RBAC system.