A model of OASIS role-based access control and its support for active security

Proceedings of Sixth ACM Symposium on Access Control Models and Technologies (SACMAT 2001)

Volumn , Issue , 2001, Pages 171-181

  Yao, Walt ^a   Moody, Ken ^a   Bacon, Jean ^a  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

Author keywords

Certificates; OASIS; Policy; RBAC; Role based access control; Service level agreements

Indexed keywords

CONSTRAINT THEORY; DATABASE SYSTEMS; OBJECT ORIENTED PROGRAMMING; PARAMETER ESTIMATION;

ROLE-BASED ACCESS CONTROL (RBAC);

SECURITY OF DATA;

EID: 0035790651     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/373256.373294     Document Type: Conference Paper

References (24)

1. V. Atluri and W.-K. Huang. An authorization model for workflows. In 4th European Symposium on Research in Computer Security, pages 44-64, Rome, Italy, September 1996.
2. J. Bacon, M. Lloyd, and K. Moody. Translating role-based access control policy within context. In Policy 2001, Workshop on Policies for Distributed Systems and Networks, Bristol, UK, Jaunary 2001.
3. J. Bacon, K. Moody, J. Bates, R. Hayton, C. Ma, A. McNeil, O. Seidel, and M. Spiteri. Generic support for distributed applications. IEEE Computer, pages 68-76, March 2000.
4. E. Barka and R. Sandhu. Framework for role-based delegation models. In 16th Annual Computer Security Applications Conference, New Orleans, Louisiana, December 2000.
5. E. Barka and R. Sandhu. A role-based delegation model and some extensions. In 23rd National Information Systems Security Conference, Baltimore, MD, October 2000.
6. E. Bertino, E. Ferrari, and V. Alturi. A flexible model for the specification and enforcement of authorization constraints in workflow management system. In Second ACM Workshop on Role-Based Access Control, pages 1-12, Fairfax, Virginia, November 1997.
7. M. J. Covington, M. J. Moyer, and M. Ahamad. Generalized role-based access control for securing future applications. In 23rd National Information Systems Security Conference, Baltimore, MD, October 2000.
8. D. F. Ferraiolo, J. F. Barkley, and D. R. Kuhn. A role-based access control model and reference implementation within a corporate intranet. ACM Transactions on Information and System Security, 2(1):34-64, Feb 1999.
9. L. Giuri and P. Iglio. Role templates for content-based access control. In Second ACM Workshop on Role-Based Access Control, pages 153-159, Fairfax, Virginia, November 1997.
10. C. Goh and A. Baldwin. Towards a more complete model of role. In Third ACM Workshop on Role-Based Access Control, pages 55-61, Fairfax, Virginia, October 1998.
11. R. Hayton, J. Bacon, and K. Moody. OASIS: Access Control in an Open, Distributed Environment. In Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA, May 1998. IEEE.
12. J. Hine, W. Yao, J. Bacon, and K. Moody. An architecture for distributed OASIS services. In Middleware 2000, pages 104-120, New York, NY, April 2000.
13. D. R. Kuhn. Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems. In Second ACM Workshop on Role-Based Access Control, pages 23-30, Fairfax, Virginia, November 1997. ACM.
14. J. D. Moffett. Control principles and access right inheritance through role hierarchies. In Third ACM Workshop on Role-Based Access Control, pages 63-69, Fairfax, Virginia, October 1998.
15. J. D. Moffett and E. C. Lupu. The uses of role hierarchies in access control. In Fourth ACM Workshop on Role-Based Access Control, pages 153-160, Fairfax, Virginia, October 1999.
16. M. Nyanchama and S. Osborn. Access rights administration in rote-based security systems. In J. Biskup, M. Morgernstern, and C. Landwehr, editors, Database Security VIII: Status and Prospects, 1995.
17. M. Nyanchama and S. Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3-33, Feb 1999.
18. J. Saltzer and M. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278-1308, September 1975.
19. R. Sandhu. Role activation hierarchies. In Third ACM Workshop on Role-Based Access Control, pages 33-40, Fairfax, Virginia, October 1998.
20. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-Based Access Control Models. Computer, 29(2):38-47, Feb. 1996.
21. R. T. Simon and M. E. Zurko. Separation of duty in role-based environments. In 10th IEEE Computer Security Foundations Workshop, pages 183-194, Rockport, Massachusetts, June 1997.
22. R. K. Thomas. Team-based access control (TMAC): A primitive for applying role-based access controls in collaborative environments. In Second ACM Workshop on Role-Based Access Control, pages 13-19, Fairfax, Virginia, November 1997.
23. R. K. Thomas and R. S. Sandhu. Task-based authorization controls (TBAC): A family of models for active and enterprise-oriented authorization management. In IFIP WG 11.3 Workshop on Database Security, Lake Tahoe, California, August 1997.
24. W. Wang. Team-and-role-based organizational context and access control for cooperative hypermedia environments. In ACM Hypertext'99, February 1999.