UAQ: A framework for user authorization query processing in RBAC extended with hybrid hierarchy and constraints

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn , Issue , 2008, Pages 83-91

  Zhang, Yue ^a   Joshi, James B D ^a  

^a UNIVERSITY OF PITTSBURGH   (United States)

Author keywords

Administration; Authorization; Hybrid hierarchy; RBAC; Role mapping

Indexed keywords

ADMINISTRATION; AUTHORIZATION; HYBRID HIERARCHY; RBAC; ROLE MAPPING;

CONFORMAL MAPPING; CONTROL SYSTEMS; QUERY PROCESSING; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 57349156959     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1377836.1377850     Document Type: Conference Paper

References (14)

1. S. M. Chandran, J. B. D. Joshi, "Towards Administration of a Hybrid Role Hierarchy", IEEE International Conference on Information Reuse and Integration, 2005.
2. T. H. Cormen, C. E. Leiserson, R. L. Rivest, and C. Stein, "Introduction to Algorithms", Second Edition, MIT Press, 2001, ISBN 0-262-03293-7
3. S. Du, and J. B. D. Joshi, "Supporting Authorization Query and Inter-domain Role Mapping in Presence of Hybrid Role Hierarchy," The 11th ACM Symposium on Access Control Models and Technologies, USA, June 2006.
4. D. Ferraiolo, R. Sandhu, S. Gavrila, D. Kuhn, and R. Chandramouli, "Proposed NIST standard for role-based access control," ACM Transactions on Information and Systems Security, vol. 4, no. 3, pp. 224-274, August 2001.
5. J. B. D. Joshi, E. Bertino, U. Latif, and A. Ghafoor, "Generalized Temporal Role Based Access Control Model," IEEE Transactions on Knowledge and Data Engineering, Volume 7, Issue 1, Jan. 2005.
6. J. B. D. Joshi, E. Bertino, and A. Ghafoor, "Temporal hierarchies and inheritance semantics for GTRBAC", In Proceedings of the 7th ACM symposium on Access control models and technologies, ACM Press, New York, NY, USA, 74-83.
7. James, B.D. Joshi, Elisa Bertino, Arif Ghafoor and Yue Zhang, "Formal Foundations for hybrid hierarchies in GTRBAC", accepted by ACM Transactions on Information and System Security.
8. Ninghui Li, Ji-Won Byun, Elisa Bertino, "A Critique of the ANSI Standard on Role-Based Access Control," IEEE Security and Privacy, vol. 5, no. 6, pp. 41-49, Nov/Dec, 2007
9. J. D. Moffett and E. C. Lupu, "The uses of role hierarchies in access control", Proceedings of the fourth ACM workshop on Role-based access control, Fairfax, Virginia, United States, 1999, pp. 153-160.
10. S. Piromruen, and J. B. D. Joshi, "An RBAC Framework for Time Constrained Secure Interoperation in Multi-domain Environment", IEEE Workshop on Object-oriented Realtime Databases (WORDS-2005), 2005.
11. R. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, "Role-Based Access Control Models", IEEE Computer 29(2): 38-47, IEEE Press, 1996.
12. R. Sandhu, "Role activation hierarchies", Proceedings of the third ACM workshop on Role-based access control, Fairfax, Virginia, United States, 1998, pp. 33-40.
13. J.Barkley, A.V. Cincotta, D.F. Ferraiolo, S. Gavrila D.R. Kuhn, "Role Based Access Control for the World Wide Web", 20th National Computer Security Conference (1997)
14. Chen, L. and Crampton, J. 2007. Inter-domain role mapping and least privilege. In Proceedings of the 12th ACM Symposium on Access Control Models and Technologies (Sophia Antipolis, France, June 20 - 22, 2007). SACMAT '07. ACM, New York, NY, 157-162.