A financial institution's legacy mainframe access control system in light of the proposed NIST RBAC standard

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2002-January, Issue , 2002, Pages 382-390

  Marshall, Andrew D ^a  

^a TD Bank Financial Group   (Canada)

Author keywords

Access control; Banking; Computer security; Control systems; Data security; Databases; Loans and mortgages; NIST; Portfolios; Protection

Indexed keywords

COMPUTER CONTROL SYSTEMS; CONTROL SYSTEMS; DATABASE SYSTEMS; FINANCE; SECURITY OF DATA; SECURITY SYSTEMS;

BANKING; LOANS AND MORTGAGES; NIST; PORTFOLIOS; PROTECTION;

ACCESS CONTROL;

EID: 0242404056     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2002.1176310     Document Type: Conference Paper

References (5)

1. K. Beznosov. Requirements for access control: US healthcare domain. In Proceedings of the 3rd ACM Workshop on Role-Based Access Control (RBAC-98), pages 43-46, New York, Oct. 22-23 1998. ACM Press
2. D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 4(3):224-274, Aug. 2001
3. T. Jaeger and J. E. Tidswell. Rebuttal to the NIST RBAC model proposal. In Proceedings of the 5th ACM Workshop on Role-Based Access Control (RBAC-00), pages 65-66, N.Y., July 26-27 2000. ACM Press
4. S. Osborn, R. Sandhu, and Q. Munawer. Configuring rolebased access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security, 3(2):85-106, May 2000
5. R. Sandhu. Role-based access control. In M. V. Zelkowitz, editor, The Engineering of Large Systems, volume 46 of Advances in Computers, pages 238-286. Academic Press, 1998