Role-Based Access Control Models
Computer
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Providing Security and Interoperation of HeterogeneousSystems
Distributed and Parallel Databases - Security of data and transaction processing
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
Temporal hierarchies and inheritance semantics for GTRBAC
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Administrative scope and role hierarchy operations
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Merging Heterogeneous Security Orderings
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
The ARBAC99 Model for Administration of Roles
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Access-Control Language for Multidomain Environments
IEEE Internet Computing
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
ACM Transactions on Information and System Security (TISSEC)
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
IEEE Transactions on Dependable and Secure Computing
Spatial Domains for the Administration of Location-based Access Control Policies
Journal of Network and Systems Management
Towards movement-aware access control
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
XML-based policy specification framework for spatiotemporal access control
Proceedings of the 2nd international conference on Security of information and networks
Hi-index | 0.00 |
The modern enterprise spans several functional units or administrative domains with diverse authorization requirements. Access control policies in an enterprise environment typically express these requirements as authorization constraints. While desirable for access control, constraints can lead to conflicts in the overall policy in a multidomain environment. The administration problem for enterprise-wide access control, therefore, not only includes authorization management for users and resources within a single domain but also conflict resolution among heterogeneous access control policies of multiple domains to allow secure interoperation within the enterprise. This work presents design and implementation of X-GTRBAC Admin, an administration model that aims at enabling administration of role-based access control (RBAC) policies in the presence of constraints with support for conflict resolution in a multidomain environment. A key feature of the model is that it allows decentralization of policy administration tasks through the abstraction of administrative domains, which not only simplifies authorization management, but is also fundamental to the concept of decentralized conflict resolution presented. The paper also illustrates the applicability of the outlined administrative concepts in a realistic enterprise environment using an implementation prototype that facilitates policy administration in large enterprises.