Policy contexts: Controlling information flow in parameterised RBAC

Proceedings - POLICY 2003: IEEE 4th International Workshop on Policies for Distributed Systems and Networks

Volumn , Issue , 2003, Pages 99-110

  Belokosztolszki, A ^a   Eyers, David M ^a   Moody, K ^a  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

ENVIRONMENTAL CONDITIONS; INFORMATION FLOWS; POLICY DESIGN; RBAC MODEL; RBAC POLICY; ROBUST MECHANISMS;

COMPUTER NETWORKS; INFORMATION SYSTEMS;

ACCESS CONTROL;

EID: 11244343640     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/POLICY.2003.1206964     Document Type: Conference Paper

References (15)

1. Jean Bacon, Ken Moody, and Walt Yao. A model of OASIS role-based access control and its support for active security. ACM Transactions on Information and System Security (TISSEC), 5(4):492-540, November 2002.
2. Andŕas Belokosztolszki and David Eyers. Shielding the OASIS RBAC infrastructure from cyber-terrorism. In Proceedings of the IFIP WG 11.3 Conference, 2002.
3. Andŕas Belokosztolszki and Ken Moody. Support for self-administration of OASIS RBAC policies. University of Cambridge, Computer Laboratory.
4. Andŕas Belokosztolszki and Ken Moody. Metapolicies for distributed role-based access control systems. In Policy 2002: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks, pages 106-115, 2002.
5. Elisa Bertino, Piero Andrea Bonatti, and Elena Ferrari. TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security (TISSEC), 4(3):191-233, August 2001.
6. Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind K. Dev, Mustaque Ahamad, and Gregory D. Abowd. Securing context-aware applications using environment roles. In Sixth ACM Symposium on Access Control Models and Technologies, pages 10-20, 2001.
7. Nicodemos Damianou, Naranker Dulay, Emil Lupu, and Morris Sloman. The ponder policy specification language. In Policies for Distributed Systems and Networks, International Workshop, POLICY 2001, Bristol, UK, pages 18-38, 2001.
8. Dorothy E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, 1976.
9. Luigi Giuri. Role-based access control: a natural approach. In Proceedings of the first ACM workshop on Role-based access control, pages II-33-37, 1995.
10. Cheh Goh and Adrian Baldwin. Towards a more complete model of role. In Proceedings of the third ACM workshop on Role-based access control, pages 55-62, 1998.
11. Cheng Hian Goh, Stuart E. Madnick, and Michael D. Siegel. Context interchange: overcoming the challenges of large-scale interoperable database systems in a dynamic environment. In Proceedings of the third international conference on Information and knowledge management, pages 337-346. ACM Press, 1994.
12. Emil Lupu and Morris Sloman. Reconciling role based management and role based access control. In Proceedings of the second ACM workshop on Rolebased access control, pages 135-141, 1997.
13. Ravi Sandhu, Venkata Bhamidipati, Edward Coyne, Srinivas Ganta, and Charles Youman. The ARBAC97 model for role-based administration of roles: preliminary description and outline. In Proceedings of the second ACM workshop on Role-based access control, pages 41-50, 1997.
14. Ravi Sandhu, Edward Coyne, Hal L. Feinstein, and Charles E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.
15. Ravi Sandhu, David Ferraiolo, and Richard Kuhn. The NIST model for role-based access control: towards a unified standard. In Proceedings of the fifth ACM workshop on Role-based access control, pages 47-63, 2000.