Administrative scope: A foundation for role-based administrative models

ACM Transactions on Information and System Security

Volumn 6, Issue 2, 2003, Pages 201-231

  Crampton, Jason ^a,b   Loizou, George ^a  

^a UNIVERSITY OF LONDON   (United Kingdom)

^b UNIVERSITY OF LONDON   (United Kingdom)

Author keywords

Administrative scope; Encapsulated range; Role hierarchy operation; Role based access control; Role based administration

Indexed keywords

ADMINISTRATIVE SCOPE; ENCAPSULATED RANGE; ROLE HIERARCHY OPERATION; ROLE-BASED ACCESS CONTROL; ROLE-BASED ADMINISTRATION;

ALGORITHMS; COMPUTER OPERATING SYSTEMS; CONSTRAINT THEORY; DISTRIBUTED COMPUTER SYSTEMS; GRAPH THEORY; HIERARCHICAL SYSTEMS; INFORMATION MANAGEMENT; MATHEMATICAL MODELS; SECURITY OF DATA;

INFORMATION TECHNOLOGY;

EID: 3142510989     PISSN: 10949224     EISSN: None     Source Type: Journal    
DOI: 10.1145/762476.762478     Document Type: Article

References (23)

1. AHN, G.-J. AND SANDHU, R. 2000. Role-based authorization constraints specification. ACM Trans. Inf. Syst. Sec. 3, 4, 207-226.
2. BARKLEY, J. 1997. Comparing simple role-based access control models and access control lists. In Proceedings of Second ACM Workshop on Role-Based Access Control (Fairfax, VA), 127-132.
3. BELL, D. AND LAPADULA, L. 1973. Secure computer systems: mathematical foundations. Tech. Rep. MTR-2547, vol. I, Mitre Corporation, Bedford, MA.
4. CRAMPTON, J. 2002. Authorizations and antichains. Ph.D. thesis, Birkbeck College, Univ. of London, UK. Available at http://www.isg.rhul.ac.uk/~umai001/ Pubs/thesis.pdf.
5. DAVEY, B. AND PRIESTLEY, H. 1990. Introduction to Lattices and Order. Cambridge University Press, Cambridge, UK.
6. FRIBERG, C. AND HELD, A. 1997. Support for discretionary role-based access control in ACL-oriented operating systems. In Proceedings of Second ACM Workshop on Role-Based Access Control (Fairfax, VA), 83-93.
7. GAVRILA, S. AND BARKLEY, J. 1998. Formal specification for role based access control user/role and role/role relationship management. In Proceedings of Third ACM Workshop on Role-Based Access Control (Fairfax, VA), 81-90.
8. GLIGOR, V. 1995. Characteristics of role-based access control. In Proceedings of First ACM Workshop on Role-Based Access Control (Gaithersburg, MD), II9-II14.
9. GOH, C. AND BALDWIN, A. 1998. Towards a more complete model of role. In Proceedings of Third ACM Workshop on Role-Based Access Control (Fairfax, VA), 55-61.
10. HARRISON, M., RUZZO, W., AND ULLMAN, J. 1976. Protection in operating systems. Commun. ACM 19, 8, 461-471.
11. HUA, L. AND OSBORN, S. 1998. Modeling UNIX access control with a role graph. In Proceedings of International Conference on Computers and Information (Winnepeg, MB, Canada).
12. JOSHI, J., GHAFOOR, A., AREF, W., AND SPAFFORD, E. 2001. Digital government security infrastructure design challenges. IEEE Comput. 34, 2, 66-72.
13. KOCH, M., MANCINI, L. V., AND PARISI-PRESICCE, F. 2002. A graph-based formalism for RBAC. ACM Trans. Inf. Syst. Sec. 5, 3, 332-365.
14. MOFFETT, J. AND LUPU, E. 1999. The uses of role hierarchies in access control. In Proceedings of Fourth ACM Workshop on Role-Based Access Control (Fairfax, VA), 153-160.
15. MUNAWER, Q. AND SANDHU, R. 1999. Simulation of the augmented typed access matrix model (ATAM) using roles. In Proceedings INFOSECU99 International Conference on Information Security.
16. NYANCHAMA, M. AND OSBORN, S. 1999. The role graph model and conflict of interest. ACM Trans. Inf. Syst. Sec. 2, 1, 3-33.
17. OSBORN, S., SANDHU, R., AND MUNAWER, Q. 2000. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans. Inf. Syst. Sec. 3, 2, 85-106.
18. SADIGHT FIROZABADI, B. AND SERGOT, M. 1999. Power and permissions in security systems. In Proceedings of 7th International Workshop on Security Protocols, B. Christianson, B. Crispo, J. Malcolm, and M. Roe, Eds. Cambridge, UK, 48-59.
19. SANDHU, R., BHAMIDIPATI, V., AND MUNAWER, Q. 1999. The ARBAC97 model for role-based administration of roles. ACM Trans. Inf. and Syst. Sec. 1, 2, 105-135.
20. SANDHU, R., COYNE, E., FEINSTEIN, H., AND YOUMAN, C. 1996. Role-based access control models. IEEE Comput. 29, 2, 38-47.
21. SANDHU, R., FERRAIOLO, D., AND KUHN, D. 2000. The NIST model for role-based access control: towards a unified standard. In Proceedings of Fifth ACM Workshop on Role-Based Access Control (Phoenix, AZ), 47-63. Available at http://www.acm.org/sigsac/nist.pdf.
22. SANDHU, R. AND MUNAWER, Q. 1998. How to do discretionary access control using roles. In Proceedings of Third ACM Workshop on Role-Based Access Control (Fairfax, VA), 47-54.
23. YAO, W., BACON, J., AND MOODY, K. 2001. A role-based access control model for supporting active security in OASIS. In Proceedings of Sixth ACM Symposium on Access Control Models and Technologies (Chantilly, VA), 171-181.