Role-based access control in DCOM

Journal of Systems Architecture

Volumn 46, Issue 13, 2000, Pages 1175-1184

  Ahn, Gail Joon ^a  

^a University of North Carolina at Charlotte   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER ARCHITECTURE; NETWORK PROTOCOLS; SECURITY OF DATA; WORLD WIDE WEB;

DISTRIBUTED COMPONENT OBJECT MODELS (DCOM); ROLE-BASED ACCESS CONTROL (RBAC);

DATA COMMUNICATION SYSTEMS;

EID: 0034324379     PISSN: 13837621     EISSN: None     Source Type: Journal    
DOI: 10.1016/S1383-7621(00)00017-5     Document Type: Article

References (22)

1. Ammann P.E., Knight J.C. Data diversity: an approach to software fault-tolerance. IEEE Transactions on Computers. 37(4):1988;418-425.
2. C. Adams, S. Lloyd, Understanding Public-key Infrastructure: Concepts, Standards, and Deployment Considerations, Macmillan, New York, November 1999.
3. K.P. Birman, Building Secure and Reliable Network Applications, Manning Publications, 1996.
4. Microsoft Corporation, DCOM architecture, in: Proceedings of Microsoft Professional Developers Conference, September 1997.
5. Department of Defense National Computer Security Center, Department of Defense Trusted Computer Systems Evaluation Criteria, DoD 5200.28-STD, December 1985.
6. D. Rogerson, Inside COM, Micosoft Press, 1996.
7. Gray J., Reuter A. Transaction Processing: Concepts and Techniques. 1993;Morgan Kaufman, Los Altos, CA.
8. R. Grimes, Professional DCOM Programming, Wrox Press, 1997.
9. S. Jajodia, P. Samarati, V.S. Subrahmanian, E. Bertino, A unified framework for enforcing multiple access control policies, in: Proceedings of the ACM SIGMOD International Conference on Management of Data Pages, 1997, pp. 474-485.
10. M. Moriconi, et al., Secure software architectures, in: Proceedings of IEEE Symposium on Research in Security and Privacy, IEEE Press, New York, 1997.
11. Microsoft Corporation, Microsoft Windows NT Server: DCOM Technical Overview 1995, www.microsoft.com/com/dcom95.
12. Randell B. System structure for software fault tolerance. IEEE Transactions on Software Engineering. SE-1(12):1995;220-232.
13. R. Sandhu, G.-J. Ahn, Decentralized group hierarchies in UNIX: an experiment and lessons learned, in: Proceedings of 21st NIST-NCSC National Information Security Conference, Crystal City, VA, October 1998, pp. 486-502.
14. R. Sandhu, G.-J. Ahn, Group hierarchies with decentralized user assignment in Windows NT, in: Proceedings of IASTED Conference on Software Engineering, Las Vegas, NV, October 1998, pp. 352-355.
15. Sandhu R.S. Lattice-based access control models. IEEE Computer. 26(11):1993;9-19.
16. R. Sandhu, Rationale for the RBAC96 family of access control models, in: Proceedings of the First ACM Workshop on Role-Based Access Control, ACM, New York, 1997.
17. R. Sandhu, V. Bhamidipati, The URA97 model for role-based administration of user-role assignment, in: T.Y. Lin, X. Qian (Eds.), Database Security XI: Status and Prospects, North-Holland, Amsterdam, 1997.
18. Sandhu R.S., Coyne E.J., Feinstein H.L., Youman C.E. Role-based access control models. IEEE Computer. 29(2):1996;38-47.
19. R. Sandhu, Q. Munawer, How to do discretionary access control using roles, in: Proceedings of the Third ACM Workshop on Role-Based Access Control, 1998, pp. 47-54.
20. Sandhu R.S., Samarati P. Access control: principles and practice. IEEE Communications. 32(9):1994;40-48.
21. Sandhu R., Samarati P. Authentication, access control and intrusion detection. Bertino E. The Computer Science and Engineering Handbook. 1997;1929-1948 CRC press, Boca Raton.
22. N. Yialelis, E. Lupu, M. Sloman, Role-based security for distributed object systems, in: Proceedings of the IEEE Fifth Workshops on Enabling Technology: Infrastructure for Collaborative Enterprise, IEEE, New York, 1996.