Computer security basics
Complex Challenges for a Complex World
IEEE Software
Role Hierarchies and Constraints for Lattice-Based Access Controls
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
| Hi-index | 0.00 |
This paper is an overview of a study done for the National Institute of Standards and Technology (NIST) to determine what potential market there is for a role-based access control (RBAC) product. Thirty security managers from 27 large civil federal organizations were interviewed using a six-page questionnaire. Their security needs were identified and it was concluded that these organizations desired an RBAC product to complement their mandatory and discretionary access control products. The results of the main reference study (Smith et al., 1996) will be used by NIST personnel as an input to the formulation of standards for future RBAC products.