Role-Based Access Control Models
Computer
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Protection in operating systems
Communications of the ACM
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
An access control reference architecture
Proceedings of the 2nd ACM workshop on Computer security architectures
Proceedings of the 15th ACM symposium on Access control models and technologies
Towards session-aware RBAC administration and enforcement with XACML
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Privilege states based access control for fine-grained intrusion response
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Towards automatic update of access control policy
LISA'10 Proceedings of the 24th international conference on Large installation system administration
RAR: A role-and-risk based flexible framework for secure collaboration
Future Generation Computer Systems
Efficient symbolic automated analysis of administrative attribute-based RBAC-policies
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Modeling data flow in socio-information networks: a risk estimation approach
Proceedings of the 16th ACM symposium on Access control models and technologies
Automated symbolic analysis of ARBAC-policies
STM'10 Proceedings of the 6th international conference on Security and trust management
Discretionary and mandatory controls for role-based administration
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
TBA: a hybrid of logic and extensional access control systems
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Symbolic backward reachability with effectively propositional logic
Formal Methods in System Design
Policy analysis for self-administrated role-based access control
TACAS'13 Proceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Journal of Computer Security - STM'10
| Hi-index | 0.00 |
Access control data structures generally need to evolve over time in order to reflect changes to security policy and personnel. An administrative model defines the rules that control the state changes to an access control model and the data structures that model defines. We present a powerful framework for describing role-based administrative models. It is based on the concept of administrative domains and criteria that control state changes in order to preserve certain features of those domains. We define a number of different sets of criteria, each of which control the effect of state changes on the set of administrative domains and thereby lead to different role-based administrative models. Using this framework we are able to identify some unexpected connections between the ARBAC97 and RHA administrative models and to compare their respective properties. In doing so we are able to suggest some improvements to both models.