Role-Based Access Control Models
Computer
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Maintaining knowledge about temporal intervals
Communications of the ACM
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
An authorization model for temporal and derived data: securing information portals
ACM Transactions on Information and System Security (TISSEC)
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A generalized temporal role based access control model for developing secure systems
A generalized temporal role based access control model for developing secure systems
Access-Control Language for Multidomain Environments
IEEE Internet Computing
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
ACM Transactions on Information and System Security (TISSEC)
IEEE Transactions on Dependable and Secure Computing
A Trust-Based Context-Aware Access Control Model for Web-Services
Distributed and Parallel Databases
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Access control management in a distributed environment supporting dynamic collaboration
Proceedings of the 2005 workshop on Digital identity management
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
X-gtrbac admin: A decentralized administration model for enterprise-wide access control
ACM Transactions on Information and System Security (TISSEC)
Fine-grained role-based delegation in presence of the hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Inverting sensor networks and actuating the environment for spatio-temporal access control
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
An extended RBAC profile of XACML
Proceedings of the 3rd ACM workshop on Secure web services
GEO-RBAC: A spatially aware RBAC
ACM Transactions on Information and System Security (TISSEC)
Key management for role hierarchy in distributed systems
Journal of Network and Computer Applications
On mutually exclusive roles and separation-of-duty
ACM Transactions on Information and System Security (TISSEC)
X-FEDERATE: A Policy Engineering Framework for Federated Access Management
IEEE Transactions on Software Engineering
Inter-domain role mapping and least privilege
Proceedings of the 12th ACM symposium on Access control models and technologies
Formal foundations for hybrid hierarchies in GTRBAC
ACM Transactions on Information and System Security (TISSEC)
On spatio-temporal constraints and inheritance in role-based access control
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Constraint based role based access control in the SECTET-framework: A model-driven approach
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Proceedings of the 13th ACM symposium on Access control models and technologies
Context-aware role-based access control in pervasive computing systems
Proceedings of the 13th ACM symposium on Access control models and technologies
An obligation model bridging access control policies and privacy policies
Proceedings of the 13th ACM symposium on Access control models and technologies
The Journal of Supercomputing
ACM Transactions on Information and System Security (TISSEC)
Analysis of Role Behavior in Collaborative Network Learning
Edutainment '08 Proceedings of the 3rd international conference on Technologies for E-Learning and Digital Entertainment
Dynamic Meta-level Access Control in SQL
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
A Verification Framework for Temporal RBAC with Role Hierarchy (Short Paper)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
A constraint based role based access control in the SECTET a model-driven approach
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Security and privacy for geospatial data: concepts and research directions
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Towards movement-aware access control
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Enforcing role based access control model with multimedia signatures
Journal of Systems Architecture: the EUROMICRO Journal
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Transactions on Computational Science IV
Role Based Access Control with Spatiotemporal Context for Mobile Applications
Transactions on Computational Science IV
Ensuring spatio-temporal access control for real-world applications
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards formal security analysis of GTRBAC using timed automata
Proceedings of the 14th ACM symposium on Access control models and technologies
The next 700 access control models or a unifying meta-model?
Proceedings of the 14th ACM symposium on Access control models and technologies
Extending access control models with break-glass
Proceedings of the 14th ACM symposium on Access control models and technologies
A Trust-Based Access Control Model for Pervasive Computing Applications
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Towards Trustworthy Delegation in Role-Based Access Control Model
ISC '09 Proceedings of the 12th International Conference on Information Security
XML-based policy specification framework for spatiotemporal access control
Proceedings of the 2nd international conference on Security of information and networks
An architecture for specification and enforcement of temporal access control constraints using OWL
Proceedings of the 2009 ACM workshop on Secure web services
Security policies for the visualization of Geo Data
Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
A spatio-temporal role-based access control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Towards a times-based usage control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
XACML policies for exclusive resource usage
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
STARBAC: spatiotemporal role based access control
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Combination of duty and historical constraints in role-based access control
IIT'09 Proceedings of the 6th international conference on Innovations in information technology
An access control model for mobile physical objects
Proceedings of the 15th ACM symposium on Access control models and technologies
Integrating GSTRBAC spatial constraints in X-GTRBAC
Proceedings of the 7th International Conference on Frontiers of Information Technology
Architectural mismatch issues in identity management deployment
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
A unified index structure for efficient enforcement of spatiotemporal authorisations
International Journal of Information and Computer Security
Relation-Based Access Control: An Access Control Model for Context-Aware Computing Environment
Wireless Personal Communications: An International Journal
Role-based access control for a Grid system using OGSA-DAI and Shibboleth
The Journal of Supercomputing
Scalable and efficient reasoning for enforcing role-based access control
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Identity management mismatch challenges in the Danish municipality administration system
ECSA'10 Proceedings of the 4th European conference on Software architecture
Independently verifiable decentralized role-based delegation
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Rumpole: a flexible break-glass access control model
Proceedings of the 16th ACM symposium on Access control models and technologies
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
Rewrite specifications of access control policies in distributed environments
STM'10 Proceedings of the 6th international conference on Security and trust management
Poster: temporal attribute-based encryption in clouds
Proceedings of the 18th ACM conference on Computer and communications security
A requirements-driven trust framework for secure interoperation in open environments
iTrust'06 Proceedings of the 4th international conference on Trust Management
A state-transfer-based dynamic policy approach for constraints in RBAC
WAIM'05 Proceedings of the 6th international conference on Advances in Web-Age Information Management
An approach for trusted interoperation in a multidomain environment
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
LoT-RBAC: a location and time-based RBAC model
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
A DRBAC model based on context for smart and secure services in intelligent ubiquitous home
UIC'06 Proceedings of the Third international conference on Ubiquitous Intelligence and Computing
uiH-PMAC model suitable for Ubi-Home gateway in ubiquitous intelligent environment
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
A survey of security issue in multi-agent systems
Artificial Intelligence Review
Representation and reasoning on role-based access control policies with conceptual graphs
ICCS'06 Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application
FORBAC: a flexible organisation and role-based access control model for secure information systems
ADVIS'06 Proceedings of the 4th international conference on Advances in Information Systems
Dynamic security rules for geo data
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Category-Based authorisation models: operational semantics and expressive power
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Role-Based access control model for ubiquitous computing environment
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Implementation of access control model for distributed information systems using usage control
SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Using timed colored petri nets and CPN-tool to model and verify TRBAC security policies
VECoS'10 Proceedings of the Fourth international conference on Verification and Evaluation of Computer and Communication Systems
Modeling and analyzing the impact of authorization on workflow executions
Future Generation Computer Systems
Analyzing temporal role based access control models
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
A framework integrating attribute-based policies into role-based access control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
A new RBAC based access control model for cloud computing
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
Performance analysis for workflow management systems under role-based authorization control
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
Privacy bubbles: user-centered privacy control for mobile content sharing applications
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
Transformation of spatio-temporal role based access control specification to alloy
MEDI'12 Proceedings of the 2nd international conference on Model and Data Engineering
Context-awareness: exploring the imperative shared context of security and ubiquitous computing
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
A formal role-based access control model for security policies in multi-domain mobile networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Information Security Tech. Report
Proceedings of the 18th ACM symposium on Access control models and technologies
Specification and analysis of access control policies for mobile applications
Proceedings of the 18th ACM symposium on Access control models and technologies
On the Parameterized Complexity and Kernelization of the Workflow Satisfiability Problem
ACM Transactions on Information and System Security (TISSEC)
Toward mining of temporal roles
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Analysis of TRBAC with dynamic temporal role hierarchies
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Modelling context-aware RBAC models for mobile business processes
International Journal of Wireless and Mobile Computing
Verification and enforcement of access control policies
Formal Methods in System Design
Ontology-based access control model for security policy reasoning in cloud computing
The Journal of Supercomputing
Formal specification and management of security policies with collective group obligations
Journal of Computer Security
| Hi-index | 0.00 |
Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management. In many practical scenarios, users may be restricted to assume roles only at predefined time periods. Furthermore, roles may only be invoked on prespecified intervals of time depending upon when certain actions are permitted. To capture such dynamic aspects of a role, a temporal RBAC (TRBAC) model has been recently proposed. However, the TRBAC model addresses the role enabling constraints only. In this paper, we propose a Generalized Temporal Role-Based Access Control (GTRBAC) model capable of expressing a wider range of temporal constraints. In particular, the model allows expressing periodic as well as duration constraints on roles, user-role assignments, and role-permission assignments. In an interval, activation of a role can further be restricted as a result of numerous activation constraints including cardinality constraints and maximum active duration constraints. The GTRBAC model extends the syntactic structure of the TRBAC model and its event and trigger expressions subsume those of TRBAC. Furthermore, GTRBAC allows expressing role hierarchies and separation of duty (SoD) constraints for specifying fine-grained temporal semantics.