Role-Based Access Control Models
Computer
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A rule-based framework for role based delegation
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Design and implementation of a flexible RBAC-service in an object-oriented scripting language
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Engineering of Role/Permission Assignments
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
On modeling system-centric information for role engineering
Proceedings of the eighth ACM symposium on Access control models and technologies
A policy-based decentralized authorization management framework for cloud computing
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Hi-index | 0.01 |
In this paper we describe a system whose purpose is to help establish a valid set of roles and role hierarchies with assigned users and associated permissions. We have designed and implemented the system, called RA system, which enables role administrators to build and configure various components of a role-based access control (RBAC) model, thereby making it possible to lay a foundation for role-based authorization infrastructures. Three methodological constituents for our purpose are introduced, together with the design and implementation issues. The system has a role-centric view for easily managing constrained roles as well as assigned users and permissions. An LDAP-accessible directory service was used for a role database. We show that the system can be seamlessly integrated with an existing privilege-based authorization infrastructure. We finally discuss our plans for future development of the system.