Task-role-based access control model

Authors:
Sejong Oh;Seog Park
Affiliations:
Department of Computer Science, Sogang University, 121-742 Seoul, South Korea;Department of Computer Science, Sogang University, 121-742 Seoul, South Korea
Venue:
Information Systems
Year:
2003

Citing 21
Cited 24

Computer security basics

Computer security basics
Fundamentals of computer security technology

Fundamentals of computer security technology
Role-Based Access Control Models

Computer
Security in computing

Security in computing
Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role activation hierarchies

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Formal specification for role based access control user/role and role/role relationship management

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
An introduction to database systems (7th ed.)

An introduction to database systems (7th ed.)
On the increasing importance of constraints

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The RSL99 language for role-based separation of duty constraints

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The uses of role hierarchies in access control

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Integrated constraints and inheritance in DTAC

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Security models for web-based applications

Communications of the ACM
Security requirements for cooperative work: a model and its system implications

EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
An Integration Model of Role-Based Access Control and Activity Based Access Control Using Task

Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Final Summary Report on Enterprise Security

WETICE '99 Proceedings of the 8th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Framework for role-based delegation models

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Separation of Duty in Role-based Environments

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Towards Security Semantics in Workflow Management

HICSS '98 Proceedings of the Thirty-First Annual Hawaii International Conference on System Sciences-Volume 7 - Volume 7

Development of an access control model, system architecture and approaches for resource sharing in virtual enterprise

Computers in Industry
Knowledge sharing in virtual enterprises via an ontology-based access control approach

Computers in Industry
Toward Modeling Sensor Node Security Using Task-Role Based Access Control with TinySec

Computational Intelligence and Security
Distributed access control architecture and model for supporting collaboration and concurrency in dynamic virtual enterprises

International Journal of Computer Integrated Manufacturing
Research of Integrated Access Control Based on Task-Driven RBAC for Lifecycle Software Quality Management

ICIRA '08 Proceedings of the First International Conference on Intelligent Robotics and Applications: Part II
Flexible authorisation in dynamic e-business environments using an organisation structure-based access control model

International Journal of Computer Integrated Manufacturing
Model-driven business process security requirement specification

Journal of Systems Architecture: the EUROMICRO Journal
Verification of Business Process Entailment Constraints Using SPIN

ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
A formal framework to elicit roles with business meaning in RBAC systems

Proceedings of the 14th ACM symposium on Access control models and technologies
Task-activity based access control for process collaboration environments

Computers in Industry
An empirical evaluation of information security awareness levels in designing secure business processes

Proceedings of the 4th International Conference on Design Science Research in Information Systems and Technology
The separation of duty with privilege calculus

RSKT'08 Proceedings of the 3rd international conference on Rough sets and knowledge technology
The research and implementation of a new B/S access control

IITA'09 Proceedings of the 3rd international conference on Intelligent information technology application
Modeling process-related RBAC models with extended UML activity models

Information and Software Technology
Integrating constraints to support legally flexible business processes

Information Systems Frontiers
An approach for trusted interoperation in a multidomain environment

ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Optimistic anonymous participation in inter-organizational workflow instances

ICISS'06 Proceedings of the Second international conference on Information Systems Security
Access control for semantic data federations in industrial product-lifecycle management

Computers in Industry
Mobi-CoSWAC: an access control approach for collaborative scientific workflow in mobile environment

ICPCA/SWS'12 Proceedings of the 2012 international conference on Pervasive Computing and the Networked World
An enhanced security mechanism for web service based systems

ICPCA/SWS'12 Proceedings of the 2012 international conference on Pervasive Computing and the Networked World
Generic support for RBAC break-glass policies in process-aware information systems

Proceedings of the 28th Annual ACM Symposium on Applied Computing
Modelling context-aware RBAC models for mobile business processes

International Journal of Wireless and Mobile Computing
Association-Based Active Access Control models with balanced scalability and flexibility

Computers in Industry
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

There are many information objects and users in a large company. It is an important issue how to control user's access in order that only authorized user can access information objects. Traditional access control models-- discretionary access control, mandatory access control, and role-based access control--do not properly reflect the characteristics of enterprise environment. This paper proposes an improved access control model for enterprise environment. The characteristics of access control in an enterprise environment are examined and a task-role-based access control (T-RBAC) model founded on concept of classification of tasks is introduced. Task is a fundamental unit of business work or business activity. T-RBAC deals with each task differently according to its class, and supports task level access control and supervision role hierarchy. T-RBAC is a suitable access control model for industrial companies.