Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Future directions in role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
On the increasing importance of constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The RSL99 language for role-based separation of duty constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
An access control model for simplifying constraint expression
Proceedings of the 7th ACM conference on Computer and communications security
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Specifying and enforcing constraints in role-based access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Role-Based Access Control
On mutually-exclusive roles and separation of duty
Proceedings of the 11th ACM conference on Computer and communications security
Emerging Trends in Health Care Delivery: Towards Collaborative Security for NIST RBAC
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Establishing RBAC-based secure interoperability in decentralized multi-domain environments
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Set covering problems in role-based access control
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Satisfiability and Resiliency in Workflow Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
RAR: A role-and-risk based flexible framework for secure collaboration
Future Generation Computer Systems
Idea: efficient evaluation of access control constraints
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
| Hi-index | 0.00 |
Separation of Duty (SoD) is widely recognized to be a fundamental principle in computer security. A Static SoD (SSoD) policy states that in order to have all permissions necessary to complete a sensitive task, the cooperation of at least a certain number of users is required. In Role-Based Access Control (RBAC), Statically Mutually Exclusive Role (SMER) constraints are used to enforce SSoD policies. This paper studies the problem of generating sets of constraints that (a) enforce a set of SSoD policies, (b) are compatible with the existing role hierarchy, and (c) are minimal in the sense that there is no other constraint set that is less restrictive and satisfies (a) and (b).