Design and specification of role based access control policies

IEE Proceedings: Software

Volumn 147, Issue 4, 2000, Pages 117-129

  Hitchens, M ^a   Varadharajan, V ^a  

^a UNIVERSITY OF WESTERN SYDNEY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER PROGRAMMING LANGUAGES; DECISION THEORY; MATHEMATICAL MODELS;

META-LEVEL OPERATIONS;

COMPUTER AIDED SOFTWARE ENGINEERING;

EID: 0034240041     PISSN: 14625970     EISSN: None     Source Type: Journal    
DOI: 10.1049/ip-sen:20000792     Document Type: Article

References (20)

1. PFLEEGER, C.P.: 'Security in computing', (Prentice Hall, 1997), 2nd edn.
2. SANDHU, R., COYNE, E.J., and FEINSTEIN, H.L.: 'Role based access control models', Computer, 1996, 29, (2), pp. 38-47
3. OSBORNE, S.: 'Mandatory access control and role-based access control revisited'. Proceedincs of the 2nd ACM RBAC Workshop, Fairfax, VA, USA, 1997, pp. 31-40
4. SANDHU, R., and FEINSTEIN, H.: 'A three tier architecture for rolebased access control'. Proceedings of the 17th national computer security conference, Baltimore, MD, USA, 1994, pp. 34-46
5. SIMON, R., and ZURKO, M.: 'Separation of duty in role-based environments'. Proceeding of the 10th computer security foundations workshop, Rockport, MAT USA, 1997, IEEE CS Press, pp. 183-94
6. JAJODIA, S., SMARATI, P., and SUBRAHMANIAN, V: 'A logical language for expressing authorizations". Proceedings of the IEE Symposium on Security and information privacy, 1997, Oakland, CA, USA, pp. 31 -4»2
7. SANDHU, R., COYNE, E., FEINSTEIN, H., and YOUMAN, C.: 'Role-based access control: A multi-dimensional view. 10th Annual computer security applications conference, Orlando, FL, USA, 1994, IEEE CS Press, pp. 54-61
8. H1LCHENBACH, B.: 'Observations on the real-world implementation of role-based access control'. Proceedings of the 20th National information systems security conference, 1997, Baltimore, MD, USA, pp. 341-52
9. ZURKO, M., SIMON, R., and SANFILIPPO, T.: 'A user-centered, modular authorization service built on an RBAC foundation'. Proceedings of the IEEE symposium on Security and privacy, 1999, Oakland, CA, USA, pp. 57-71
10. BAI, Y., and VARADHARAJAN, V: 'A logic for state transformations in authorization policies'. Proceedings of the 10th IEEE computer security foundations workshop, 1997, Rockport, MA, USA, IEEE, Computer Society Press, pp. 173-183
11. VARADHARAJAN, V, CRALL, C., and PATO, J.: 'Authorization for enterprise wide distributed systems: Design and application. Proceedings of the IEEE computer security applications conference, ACSAC'98, 1998, Scottsdale, AZ, USA
12. MOFFETT, J.: 'Control principles and role hierarchies'. Proceedings of the 3rd ACM Workshop on Role based accès.'! control, 1998, Fairfax, VA, USA
13. KARGER, P.: 'Implementing commercial data integrity with secure capabilities'. Proceedings of the IEEE Symposium on Security and privacy, 1988, Oakland, CA, USA, pp. 130-39
14. FERRAIOLO, D., and KÜHN, R.: 'Role based access controls'. Proceedings of the 15th NIST-NCSC national computer security conference, 1992, Baltimore, MD, USA
15. SANDHU, R.: 'Role activation hierarchies'. Proceedings of the 3rd ACM RBAC Workshop on Role based access control, 1998, Fairfax, VA, USA, pp. 33-40
16. GIURI, L., and IGLIO, P.: 'Role templates for content-based access control'. Proceedings of the 2nd ACM Workshop on Role based access control, 1997, Fairfax, VA, USA
17. BREWER, D., and NASH, M.: 'The Chinese Wall security policy', Proceedings of the IEEE Symposium on Security and privacy, 1989, pp. 206-214, Las Alamitos, CA, USA
18. VARADHARAJAN, V., ALLEN, P., and BLACK, S.: 'Analysis of proxy problem in distributed systems', Proceedings of the IEEE Symposium on Security and privacy, 1991, Las Alamitos, CA, USA
19. VARADHARAJAN, V, and ALLEN, P.: 'Joint action based authorization schemes', ACM 30, Oper. Syst. Rev., 1996, 3, pp. 32-45
20. Object Management Group (OMG), 'CORBAscrvices: Common object services specification' and 'security services in common object request broker architecture', 1996-98.