An effective role administration model using organization structure

ACM Transactions on Information and System Security

Volumn 9, Issue 2, 2006, Pages 113-137

  Oh, Sejong ^a   Sandhu, Ravi ^b,c   Zhang, Xinwen ^b,c  

^a Dankook University   (South Korea)

^b GEORGE MASON UNIVERSITY   (United States)

^c George Mason University   (United States)

Author keywords

Access control; RBAC; Role administration; Role based access control

Indexed keywords

ROLE-BASED ACCESS CONTROL (RBAC);

DECENTRALIZED CONTROL; INDUSTRIAL MANAGEMENT; INFORMATION ANALYSIS; SECURITY SYSTEMS;

ENTERPRISE RESOURCE PLANNING;

EID: 33748319570     PISSN: 10949224     EISSN: 10949224     Source Type: Journal    
DOI: 10.1145/1151414.1151415     Document Type: Article

References (20)

1. BIBA, K. J. 1977. Integrity Considerations for Secure Computer Systems. Mitre Corp. Report No.TR3153, Bedford, MA. (Also available through Nat'l Technical Information Service, Spring-field, Va., Report No. NTIS AD-A039324.)
2. BELL, D.E. AND LAPADULA, L. J. 1975. Secure Computer Systems: Mathematical Foundations and Model. Mitre Corp. Report No. M74-244, Bedford, MA. (Also available through Nat'l Technical Information Service, Springfield, VA, Report No. NTIS AD-771543.)
3. CRAMTON, J. AND Loizou, G. 2002. Administrative scope and role hierarchy operations. In Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT2002). Monterey, CA.
4. IDS SHARE. Aris house. http:/ /www.ids-scheer.com
5. JOSHI, J. B. D., AREF, W. G., GHAFOOR, A., AND SPAFFORD, E. H. 2001. Security models for web-based applications. Communications of the ACM, 44, 2.
6. MOFFETT, J. D. 1998. Control principles and role hierarchies. In Proceedings of the 3rd ACM Workshop on Role-Based Access Control. Fairfax, VA.
7. MOFFETT, J. D. AND LUPU, E. C. 1999. The use of role hierarchies in access control. In Proceedings of the 4th ACM Workshop on Role-Based Access Control, Fairfax, VA.
8. NYANCHAMA, M. AND OSBORN, S. 1999. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2, 1, 3-33.
9. OH, S. AND PARK, S. 2001. An improved administration method on role-based access control in the enterprise environment. Journal of Information Science and Engineering 17, 921-944.
10. OSBORN, S. AND Guo, Y. 2000. Modeling users in role-based access control. In Proceedings of Fifth ACM Workshop on Role-Based. Access Control, 2000.
11. OSBORN, S., SANDHU, R., AND MUNAWER, Q. 2000. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security, 3, 2, 85-106.
12. PERWAIZ, N. AND SOMMERVILLE, I. 2001. Structured management of role-permission relationships. In Proceedings of 6th ACM Symposium on Access Control Models and Technologies. Chantilly, VA.
13. SANDHU, R. 1993. Lattice-Based Access Control Models. IEEE Computer, 26, 11.
14. SANDHU, R. AND BHAMIDIPATI, V. 1997a. The URA97 model for role-based user-role assignment. In Proceedings of IFIP WG 11.3 Workshop on Database Security. Lake Tahoe, CA.
15. SANDHU, R. AND BHAMIDIPATI, V. 1997b. The ARBAC97 model for role-based administration of Roles: Preliminary description and outline. In Proceedings of second ACM Workshop on Role-Based Access Control. Fairfax, VA.
16. SANDHU, R. AND MUNAWER, Q. 1998. The RRA97 model for role-based administration of role hierarchy. In Proceedings of the Annual Computer Security Applications Conference. Phoenix, AZ.
17. SANDHU, R., COYNE, E., FEINSTEIN H., AND YOUMAN, C. 1996. Role-based access control models. IEEE Computer, 29, 2, 38-47.
18. SANDHU, R. AND BHAMIDIPATI, V. 1999. Role-based administration of user-role assignment: The URA97 model and its Oracle implementation. Journal of Computer Security, 7.
19. SANDHU, R. AND MUNAWER, Q. 1999. The ARBAC99 model for administration of roles. In Proceedings of the Annual Computer Security Applications Conference. Phoenix, AZ.
20. SANDHU, R., BHAMIDIPATI V., AND MUNAWER, Q. 1999. The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security, 2, 1, 105-135.