Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Control principles and role hierarchies
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The uses of role hierarchies in access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Modeling users in role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Security models for web-based applications
Communications of the ACM
Structured management of role-permission relationships
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Administrative scope and role hierarchy operations
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Lattice-Based Access Control Models
Computer
The URA97 Model for Role-Based User-Role Assignment
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
The RRA97 Model for Role-Based Administration of Role Hierarchies
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
The ARBAC99 Model for Administration of Roles
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Role-based administration of user-role assignment: The URA97 model and its Oracle implementation
Journal of Computer Security
Sharing but Protecting Content Against Internal Leakage for Organisations
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Spatial Domains for the Administration of Location-based Access Control Policies
Journal of Network and Systems Management
A formal framework to elicit roles with business meaning in RBAC systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards session-aware RBAC administration and enforcement with XACML
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Process compliance analysis based on behavioural profiles
Information Systems
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
ASRBAC: a security administration model for mobile autonomic networks (MAutoNets)
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Automated analysis of rule-based access control policies
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
| Hi-index | 0.00 |
Role-based access control (RBAC) is a well-accepted model for access control in an enterprise environment. When we apply RBAC model to large enterprises, effective role administration is a major issue. ARBAC97 is a well-known solution for decentralized RBAC administration. ARBAC97 authorizes administrative roles by means of role ranges and prerequisite conditions, where prerequisite conditions effectively work as a restricted pool for administrative roles to pick users or permissions. Although attractive and elegant in their own right, these mechanisms have significant shortcomings. In this paper, we propose an improved role administration model named ARBAC02 to overcome the weaknesses of ARBAC97. ARBAC02 introduces the concept of organization structure for defining user and permission pools independent of roles and role hierarchies, with a refined prerequisite condition specification. In addition, we present a bottom-up approach of permission-role administration in contrast to the top-down approach in ARBAC97. As a general solution, we illustrate the applications of organization structured-based security administration with other access control models, such as access control list model and lattice-based access control model.