Specifying and enforcing constraints in role-based access control

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn , Issue , 2003, Pages 43-50

  Crampton, Jason ^a  

^a UNIVERSITY OF LONDON   (United Kingdom)

Author keywords

Authorization constraint; Enforcement context; Role based access control; Separation of duty constraint

Indexed keywords

COMPUTER HARDWARE DESCRIPTION LANGUAGES; COMPUTER SIMULATION; INFORMATION MANAGEMENT; OBJECT ORIENTED PROGRAMMING; SEMANTICS; SET THEORY;

AUTHORIZATION CONSTRAINT; ENFORCEMENT CONTEXT; ROLE-BASED ACCESS CONTROL;

SECURITY OF DATA;

EID: 0242540379     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/775418.775419     Document Type: Conference Paper

References (16)

1. Abadi, M., and Fournet, C. Access control based on execution history. In Proceedings of 10th Annual Network and Distributed System Security Symposium (2003). To appear.
2. Ahn, G.-J., and Sandhu, R. Role-based authorization constraints specification. ACM Transactions on Information and System Security 3, 4 (2000), 207-226.
3. Bell, D., and LaPadula, L. Secure computer systems: Unified exposition and Multics interpretation. Tech. Rep. MTR-2997, Mitre Corporation, Bedford, Massachusetts, 1976.
4. Bertino, E., Ferrari, E., and Atluri, V. The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information and System Security 2, 1 (1999), 65-104.
5. Brewer, D., and Nash, M. The Chinese Wall security policy. In Proceedings of 1989 IEEE Symposium on Security and Privacy (Oakland, California, 1989), IEEE Computer Society Press, pp. 206-214.
6. Clark, D., and Wilson, D. A comparison of commercial and military computer security policies. In Proceedings of 1987 IEEE Symposium on Security and Privacy (Oakland, California, 1987), pp. 184-194.
7. Crampton, J., and Loizou, G. Structural complexity of conflict of interest policies. Tech. Rep. BBKCS-00-07, Birkbeck College, University of London, 2000.
8. Edjlali, G., Acharya, A., and Chaudhary, V. History-based access control for mobile code. In Proceedings of Fifth ACM Conference on Computer and Communications Security (1998), pp. 38-48.
9. Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., and Chandramouli, R. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security 4, 3 (2001), 224-274.
10. Gavrila, S., and Barkley, J. Formal specification for role based access control user/role and role/role relationship management. In Proceedings of Third ACM Workshop on Role-Based Access Control (Fairfax, Virginia, 1998), pp. 81-90.
11. Gligor, V., Gavrila, S., and Ferraiolo, D. On the formal definition of separation-of-duty policies and their composition. In Proceedings of 1998 IEEE Symposium on Research in Security and Privacy (Oakland, California, 1998), pp. 172-183.
12. Jaeger, T., and Tidswell, J. Practical safety in flexible access control models. ACM Transactions on Information and System Security 4, 2 (2001), 158-190.
13. Nyanchama, M., and Osborn, S. The role graph model and conflict of interest. ACM Transactions on Information and System Security 2, 1 (1999), 3-33.
14. Sandhu, R. Transaction control expressions for separation of duties. In Proceedings of 4th Aerospace Computer Security Conference (Orlando, Florida, 1988), pp. 282-286.
15. Sandhu, R., Coyne, E., Feinstein, H., and Youman, C. Role-based access control models. IEEE Computer 29, 2 (1996), 38-47.
16. Simon, R., and Zurko, M. Separation of duty in role-based environments. In Proceedings of 10th IEEE Computer Security Foundations Workshop (Rockport, Massachusetts, 1997), pp. 183-194.