Obligations for role based access control

Proceedings - 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07

Volumn 2, Issue , 2007, Pages 424-431

  Zhao, Gansen ^a   Chadwick, David ^a   Otenko, Sassa ^a  

^a UNIVERSITY OF KENT   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

DECISION THEORY; INFORMATION ANALYSIS; SECURITY SYSTEMS;

AUGMENTATION OF OBLIGATIONS; AUTHORIZATION DECISIONS; AUTHORIZATION INFRASTRUCTURE; SECURITY CRITICAL SYSTEMS;

ACCESS CONTROL;

EID: 35248863915     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/AINAW.2007.267     Document Type: Conference Paper

References (15)

1. Anne Anderson. OASIS Standard: Core and hierarchical role based access control (RBAC) profile of XACML v2.0, February 2005.
2. C. Bettini, S. Jajodia, X. Wang, and D. Wijesekera. Obligation Monitoring in Policy Management. In POLICY'02, 2002.
3. C.Bettini, S.Jajodia, X.Wang, and D.Wijesekera. Provisions and Obligations in Policy Management and Security Applications. In VLDB, 2002.
4. D.Chadwick and A.Otenko. The PERMIS X.509 Role Based Privilege Management Infrastructure. Future Generation Computer System, 19(2):277-289, 2003.
5. D.W. Chadwick and A. Otenko. RBAC Policies in XML for X.509 Based Privilege Management. In SEC2002. May 2002.
6. D.Ferraiolo and R.Kuhn. Role-based Access Control. In Proceedings of 15th National Computer Security Conference, 1992.
7. S. Gavrila and J. Barkley. Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management. In Third ACM Workshop on Role-Based Access Control, 1998.
8. D. Jonscher. Extending access controls with duties - realized by active mechanisms. In Database Security VI: Status and Prospects. 1993.
9. N.H. Minsky and A.D. Lockman. Ensuring integrity by adding obligations to privileges. In ICSE '85, 1985.
10. OASIS XACML TC. XACML 2.0 Core: extensible Access Control Markup Language (XACML) Version 2.0, Oct, 2005. Available on http://www.oasis-open.org/ committees/tc_home.php?wg_abbrev=xacml#XACML20.
11. R. Oppliger, G. Pernul, and C. Strauss. Using attribute certificates to implement role-based authorization and access controls. SIS 2000, 2000.
12. C. Ribeiro, A. Zuquete, and P. Ferreira. Enforcing Obligation with Security Monitors. ICICS '01, 2001.
13. R. Sandhu, D. Ferraiolo, and R. Kuhn. The NIST Model for Role Based Access Control: Towards a Unified Standard. In 5th ACM Workshop on Role Based Access Control, July 2000.
14. R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-based access control models. IEEE Computer, 29(2), 1996.
15. ANSI INCITS 359-2004. Role Based Access Control. American National Standards Institute, Inc., February 2004.