Role-Based Access Control Models
Computer
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Role-based access control and the access control matrix
ACM SIGOPS Operating Systems Review
ACM SIGOPS Operating Systems Review
Applying aspect oriented programming to distributed storage metadata management
Proceedings of the 2nd workshop on Best practices in applying aspect-oriented software development
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Journal of Systems Architecture: the EUROMICRO Journal
An approach for trusted interoperation in a multidomain environment
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Hi-index | 0.00 |
As a major component of any host, or network operating system, access control mechanisms come in a wide variety of forms, each with their individual attributes, functions, methods for configuring policy, and a tight coupling to a class of policies. To afford generalized protection, NIST has initiated a project in pursuit of a standardized access control mechanism, referred to as the Policy Machine (PM) that requires changes only in its configuration in the enforcement of arbitrary and organization specific attribute-based access control policies. Included among the PM's enforceable policies are combinations of policy instances (e.g., Role-Based Access Control and Multi-Level Security). In our effort to devise a generic access control mechanism, we construct the PM in terms of what we believe to be abstractions, properties and functions that are fundamental to policy configuration and enforcement. In its protection of objects under one or more policy instances, the PM categorizes users and objects and their attributes into policy classes, and transparently enforces these policies through a series of fixed PM functions, that are invoked in response to user or subject (process) access requests.