A composite RBAC approach for large, complex organizations

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn 9, Issue , 2004, Pages 163-172

  Park, Joon S ^a   Costello, Keith P ^a   Neven, Teresa M ^b   Diosomito, Josh A ^b  

^a SYRACUSE UNIVERSITY   (United States)

^b SYRACUSE UNIVERSITY   (United States)

Author keywords

RBAC; Role mappings; Role structures; Role based access control

Indexed keywords

COMPUTER OPERATING SYSTEMS; INFORMATION MANAGEMENT; LARGE SCALE SYSTEMS; LAWS AND LEGISLATION; OPTIMIZATION; PUBLIC POLICY; REDUNDANCY; STRATEGIC PLANNING;

RBAC; ROLE MAPPINGS; ROLE STRUCTURES; ROLE-BASED ACCESS CONTROL;

SECURITY OF DATA;

EID: 4143147395     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/990036.990063     Document Type: Conference Paper

References (23)

1. R. K. Thomas and R. S. Sandhu. Task-Based Authorization: A Paradigm for Flexible and Adaptable Access Control in Distributed Applications. Proceedings of the 16th NIST-NCSC National Computer Security Conference, Baltimore, MD, September 20-23, 1993.
2. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based Access Control Models. IEEE Computer, 29(2): 38-47, February 1996.
3. R. S. Sandhu, V. Bhamidipati, and Q. Munawer. The ARBAC97 Model for Role-based Administration of Roles. ACM Transactions on Information and System Security (TISSEC) Volume 2, Issue 1, February 1999.
4. Z. Zhang, E. Haffner, A. Heuer, T. Engel, Ch. Meinel. Role-based Access Control in Online Authoring and Publishing Systems vs. Document Hierarchy. Proceedings of the 17th Annual International Conference on Computer Documentation Table of Contents, New Orleans, Louisiana, United States, October 1999.
5. S. Osborne and G.Yuxia. Modeling Users in Role-Based Access Control. Proceedings of the 5th ACM Workshop on Role-based Access Control, Berlin, Germany, 2000.
6. H. Roeckle, G. Schimpf, and R. Weidinger. Process-oriented Approach for Role-finding to Implement Role-based Security Administration in a Large Industrial Organization. Proceedings of the 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, July 26-27 2000.
7. R. S. Sandhu, D. Ferraiolo, and D. Kuhn. The NIST Model for Role-based Access Control: Towards a United Standard. Proceedings of the 5th ACM Workshop on Role-based Access Control, Berlin, Germany, July 26-27 2000.
8. R.S. Sandhu. Engineering Authority and Trust in Cyberspace: The OM-AM and RBAC Way. Proceedings of the 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, July 26-27 2000.
9. J.S. Park, R.S. Sandhu, and G.-J. Ahn. Role-based Access Control on the Web. ACM Transactions on Information and System Security (TISSEC), Volume 4, Number 1, February 2001.
10. M.H. Kang, J.S. Park, and J.N. Froscher. Access Control Mechanisms for Inter-Organization Workflow. Proceedings of the 6th ACM Symposium on Access Control Model and Technologies (SACMAT), Chantilly, Virginia, May 3-4, 2001.
11. J.S. Park, M.H. Kang, and J.N. Froscher. A Secure Workflow System for Dynamic Cooperation. Proceedings of the 16th International Conference on Information Security (IFIP/SEC 2001), Paris, France, June 11-13, 2001.
12. R.S. Sandhu. Future Directions in Role-Based Access Control Models. Lecture Notes in Computer Science. Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security, 2001.
13. M.P. Gallaher, A.C. O'Connor, B. Kropp. National Institute for Standards & Technology (NIST), Technology Administration. The Economic Impact of Role-Based Access Control, March 2002. Retrieved 11/05/03 from the World Wide Web: http://www.nist.gov/director/prog-ofc/report021.pdf
14. A. Kern, M. Kuhlmann, A. Schaad, and J. Moffett. Observations on the Role Life-Cycle in the Context of Enterprise Security Management. Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT), Monterey, California, USA, June 2002.
15. L. Zhang, G.-J. Ahn, and B.-T. Chu. Applications: A Role-based Delegation Framework for Healthcare Information Systems. Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT), Monterey, California, USA, June 2002.
16. D. Shin, G.-J. Ahn, S. Cho, and S. Jin. Role Engineering: On Modeling System-centric Information for Role Engineering. Proceedings of the 8th ACM Symposium on Access Control Models and Technologies (SACMAT), Como, Italy, June 2003.
17. L. Zhang, G.-J. Ann, and B-T. Chu. A Rule-Based Framework for Role-Based Delegation and Revocation. ACM Transactions on Information and System Security (TISSEC) Volume 6, Issue 3, August 2003.
18. Organizational Chart. U.S. Department of Homeland Security. 2003. Retrieved 10/02/03 from the World Wide Web: http://www.dhs.gov/dhspublic/ interweb/assetlibrary/DHS_Org_Chart.ppt
19. National Strategy for Homeland Security: Office of Homeland Security. 2003. Retrieved 9/30/03 from the Department of Homeland Security via the World Wide Web: http://www.dhs.gov/dhspublic
20. What is the Mission of the New Department of Homeland Security? U.S. Department of Homeland Security. 2003. Retrieved 9/21/03 from the World Wide Web: http://www.dhs.gov/dhspublic/display?theme=10&content=429
21. nd Symposium on Intelligence and Security Informatics, Tucson, Arizona, June 10-11, 2004.
22. J.S. Park and R.S. Sandhu. Secure Cookies on the Web. IEEE Internet Computing, Volume 4, Number 4, July-August 2000.
23. J.S. Park and R.S. Sandhu. RBAC on the Web by Smart Certificates. Proceedings of the 4th ACM Workshop on Role-Based Access Control, Fairfax, Virginia, October 1999.