Information flow analysis of an RBAC system

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn , Issue , 2002, Pages 163-166

  Osborn, Sylvia L ^a  

^a UNIVERSITY OF WESTERN ONTARIO   (Canada)

Author keywords

Mandatory access control; Role graphs; Role based access control

Indexed keywords

ALGORITHMS; COMPUTER SIMULATION; DATA PRIVACY; GRAPH THEORY; INFORMATION ANALYSIS; MATHEMATICAL MODELS;

INFORMATION FLOW ANALYSIS; LATTICE-BASED ACCESS CONTROL; MANDATORY ACCESS CONTROL; ROLE GRAPH; ROLE-BASED ACCESS CONTROL;

SECURITY OF DATA;

EID: 0242540384     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/507711.507738     Document Type: Conference Paper

References (7)

1. M. Nyanchama and S. L. Osborn. Access rights administration in role-based security systems. In J. Biskup, M. Morgenstern, and C. E. Landwehr, editors, Database Security, VIII, Status and Prospects WG11.3 Working Conference on Database Security, pages 37-56. North-Holland, 1994.
2. M. Nyanchama and S. L. Osborn. The role graph model and conflict of interest. ACM TISSEC, 2(1):3-33, 1999.
3. S. Osborn, R. Sandhu, and Q. Munawer. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans. Information and System Security, 3(2):1-23, 2000.
4. F. Rabitti, D. Woelk, and W. Kim. A model of authorization for object-oriented and semantic databases. In Proceedings of the International Conference on Extending Database Technology, Venice, Italy, Mar. 1988.
5. R. Sandhu. Lattice-based access control models. IEEE Computer, 26:9-19, Nov. 1993.
6. R. Sandhu, V. Bhamidipati, and Q. Munawer. The ARBAC97 model for role-based administration of roles. ACM Trans. on Information and Systems Security, 2(1):105-135, Feb. 1999.
7. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman. Role-based access control models. IEEE Computer, 29:38-47, Feb. 1996.