A Graph-Based Formalism for RBAC

ACM Transactions on Information and System Security

Volumn 5, Issue 3, 2002, Pages 332-365

  Koch, Manuel ^a   Mancini, Luigi V ^b   Parisi Presicce, Francesco ^b  

^a FREIE UNIVERSITÄT BERLIN   (Germany)

^b SAPIENZA UNIVERSITY OF ROME   (Italy)

Author keywords

Access control in information systems; Administration; Correctness; Decentralized; Design; Graph transformations; Management; Permission management; Role Based access control; Security

Indexed keywords

EID: 85008430937     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/545186.545191     Document Type: Article

References (18)

1. AHO, A. V., GAREY, M. R., AND ULLMAN, J. D. 1972. The transitive reduction of a directed graph. SIAM J. Comput. 1, 2, 131-137.
2. BALDWIN, R. 1990. Naming & grouping privileges to simplify security management in large databases. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., pp. 116-132.
3. EHRIG, H., ENGELS, G., KREOWSKI, H.-J., AND ROZENBERG, G., EDS. 1999. Handbook of Graph Grammars and Computing by Graph Transformations. Vol. II: Applications, Languages, and Tools. World Scientific.
4. FERRAIOLO, D. F., SANDHU, R., GAVRILA, S., KUHN, D. R., AND CHANDRAMOULI, R. 2001. Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secu. 4, 3, 222-274.
5. GAVRILA, S. I. AND BARKLEY, J. F. 1998. Formal specification for role based access control user/role and role/role relationship management. In Proceedings of 3rd ACM Workshop on Role-Based Access Control. ACM, New York, pp. 81-90.
6. GROSSE-RHODE, M., PARISI-PRESICCE, F., AND SIMEONI, M. 2000. Refinements of graph transformation systems via rule expressions. In Proceedings of TAGT'98, H. Ehrig, G. Engels, H.-J. Kreowski, and G. Rozenberg, eds. Lecture Notes in Computer Science, vol. 1764. Springer-Verlag, New York, pp. 368-382.
7. HECKEL, R., AND WAGNER, A. 1995. Ensuring consistency of conditional graph grammars-A constructive approach. In Proceedings of SEGRAGRA'95, Volume 2 of Electronic Notes of TCS A. Corradini, and U. Montanari, eds. Elsevier North-Holland, Amsterdam, The Netherlands, pp. 95-103. http://www.elsevier.nl/locate/entcs/volume2.html.
8. KOCH, M., MANCINI, L. V., AND PARISI-PRESICCE, F. 2000. A formal model for role-based access control using graph transformation. In Proceedings of the 6th European Symposium on Research in Computer Security (ESORICS 2000) F. Cuppens. et al. eds. Lecture Notes in Computer Science, vol. 1895. Springer Verlag, New York, pp. 122-139.
9. KOCH, M., MANCINI, L. V., AND PARISI-PRESICCE, F. 2001. On the specification and evolution of access control policies. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies ACM, New York, pp. 121-130.
10. KOCH, M., MANCINI, L. V., AND PARISI-PRESICCE, F. 2002. Decidability of safety in graph-based models for access control. In Proceedings of the 7th European Symposium on Research in Computer Security (ESORICS 2002), Lecture Notes in Computer Science, to appear.
11. NYANCHAMA, M., AND OSBORN, S. 1994. Access right administration in role-based security systems. In Proceedings of IFIP WG 11.3 Database Security, Vol. VIII. North Holland, Amsterdam, The Netherlands, pp. 37-56.
12. NYANCHAMA, M., AND OSBORN, S. 1999. The role graph model and conflict of interest. ACM Trans. Inf. Syst. Sec. 1, 2, 3-33.
13. OSBORN, S., SANDHU, R., AND MUNAWER, Q. 2000. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans. Inf. Syst. Sec. 3, 2, 85-106.
14. ROZENBERG, G., ED. 1997. Handbook of Graph Grammars and Computing by Graph Transformations. Vol. I: Foundations. World Scientific.
15. SANDHU, R. S. 1998. Role-based access control. In Advances in Computers, Vol. 46. Academic Press, Orlands, Fla.
16. SANDHU, R. S., BHAMIDIPATI, V., AND MUNAWER, Q. 1999. The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security 2, 1, 105-135.
17. SANDHU, R. S., COYNE, E., FEINSTEIN, H., AND YOUMAN, C. 1996. Role-based access control models. IEEE Comput. 29, 2, 38-47.
18. SANDHU, R., FERRAIOLO, D., AND KUHN, R. 2000. The NIST Model for Role-Based Access Control: Towards A Unified Standard. In Proceedings of the 5th ACM Workshop on Role-Based Access Control. ACM, New York, pp. 47-63.