Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Role-based access control in online authoring and publishing systems vs. document hierarchy
SIGDOC '99 Proceedings of the 17th annual international conference on Computer documentation
RBAC on the Web by smart certificates
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Modeling users in role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Access control mechanisms for inter-organizational workflow
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A role-based delegation framework for healthcare information systems
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A secure workflow system for dynamic collaboration
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
IEEE Internet Computing
On modeling system-centric information for role engineering
Proceedings of the eighth ACM symposium on Access control models and technologies
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
Managing RBAC states with transitive relations
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
A Monte Carlo framework to evaluate context based security policies in pervasive mobile environments
MobiDE '07 Proceedings of the 6th ACM international workshop on Data engineering for wireless and mobile access
lightweight decentralized authorization model for inter-domain collaborations
Proceedings of the 2007 ACM workshop on Secure web services
Preventing information leakage between collaborating organisations
Proceedings of the 10th international conference on Electronic commerce
International Journal of Computer Integrated Manufacturing
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
International Journal of Computer Integrated Manufacturing
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
IBM Journal of Research and Development
Towards automatic update of access control policy
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Access control requirements for preventing insider threats
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
An approach for trusted interoperation in a multidomain environment
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
An access-control policy based on sharing resource management for a multi-domains environment
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Trusted identity and session management using secure cookies
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Recognition of authority in virtual organisations
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
| Hi-index | 0.00 |
Secure and effective access control is critical to sensitive organizations, especially when multiple organizations are working together using diverse systems. To alleviate the confusion and challenges of redundancy in such a large, complex organization, in this paper we introduce a composite role-based access control (RBAC) approach, by separating the organizational and system role structures and by providing the mapping between them. This allows for the explicit identification and separation of organizational and target-system roles, role hierarchies, role assignments, constraints, and role activations, with an attempt to bridge the gap between the organizational and system role structures. The composite RBAC approach supports scalable and reusable RBAC mechanisms for large, complex organizations. Our research explores the newly created Department of Homeland Security (DHS) as a large, complex organization in which the Composite RBAC can be applied.