ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems
Full text PdfPdf (747 KB)
Source ACM Workshop on Role Based Access Control archive
Proceedings of the second ACM workshop on Role-based access control table of contents
Fairfax, Virginia, United States
Pages: 23 - 30  
Year of Publication: 1997
ISBN:0-89791-985-8
Author
D. Richard Kuhn  National Institute of Standards and Technology, Gaithersburg, Maryland
Sponsors
DC Chapter :
NIST : National Institue of Standards & Technology
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 7,   Downloads (12 Months): 48,   Citation Count: 34
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/266741.266749
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
R. Sandhu, E.J. Coyne, and C.E. Youman, editors. Proceedings of the First A CM Workshop on Role Based Access Control. ACM, 1996.
 
2
R.W. Baldwin. Naming and grouping privileges to simplify security management in large databases. In Proceedings, IEEE Computer Society Symposium on Research in Security and Privacy. IEEE Computer Society, 1990.
 
3
D.J. Thomsen. Role-based application design and enforcement. In Database Security IV: Status and Prospects. North-Holland, 1991.
 
4
D.F. Sterne. A TCB subset for integrity and rolebased access control. In 15th National Computer Security Conference. NIST/NSA, 1992.
 
5
D. Ferraiolo and D.R. Kuhn. Role based access control. In 15th National Computer Security Conference. NIST/NSA, 1992.
 
6
D. FerraioIo, J. Cugini, and D.R. Kuhn. Role based access control: Features and motivations. In Annual Computer Security Applications Conference. IEEE Computer Society Press, 1995.
 
7
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
8
Dirk Jonscher, Extending access control with duties—realized by active mechanisms, Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects, p.91-111, January 1993, Simon Fraser Univ., Vancouver, British Columbia, Canada
 
9
R. Sandhu. Transaction control expressions and separation of duties. In Proceedings, IEEE Computer Society Symposium on Research in Security and Privacy. IEEE Computer Society, 1988.
 
10
LouAnna Notargiacomo , Barbara T. Blaustein , Catherine D. McCollum, A Model of Integrity Separation of Duty for a Trusted DBMS, Proceedings of the IFIP WG11.3 Working Conference on Database Security VII, p.237-256, September 12-15, 1993
 
11
D. Clark and D.R. Wilson. Evolution of a model for computer integrity. In Proceedings, 11th National Computer Security Conference: a postscript. NIST/NSA, 1988.
 
12
M.J. Nash and K.R. Poland. Some conundrums concerning separation of duty. In Proceedings, 1990 IEEE symposium on computer security and privacy. IEEE, 1990.

CITED BY  34
James B. D. Joshi , Basit Shafiq , Arif Ghafoor , Elisa Bertino, Dependencies and separation of duty constraints in GTRBAC, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy
Jonathon E. Tidswell , Trent Jaeger, Integrated constraints and inheritance in DTAC, Proceedings of the fifth ACM workshop on Role-based access control, p.93-102, July 26-28, 2000, Berlin, Germany
Jonathon E. Tidswell , Trent Jaeger, An access control model for simplifying constraint expression, Proceedings of the 7th ACM conference on Computer and communications security, p.154-163, November 01-04, 2000, Athens, Greece
Elisa Bertino , Ravi Sandhu, Database Security-Concepts, Approaches, and Challenges, IEEE Transactions on Dependable and Secure Computing, v.2 n.1, p.2-19, January 2005
Thomas Hildmann , Jörg Barholdt, Managing trust between collaborating companies using outsourced role based access control, Proceedings of the fourth ACM workshop on Role-based access control, p.105-111, October 28-29, 1999, Fairfax, Virginia, United States
Trent Jaeger , Jonathon E. Tidswell, Practical safety in flexible access control models, ACM Transactions on Information and System Security (TISSEC), v.4 n.2, p.158-190, May 2001
Andreas Schaad , Jonathan D. Moffett, A lightweight approach to specification and analysis of role-based access control extensions, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
David F. Ferraiolo , John F. Barkley , D. Richard Kuhn, A role-based access control model and reference implementation within a corporate intranet, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.34-64, Feb. 1999
Ravi Sandhu, Role activation hierarchies, Proceedings of the third ACM workshop on Role-based access control, p.33-40, October 22-23, 1998, Fairfax, Virginia, United States
Gail-Joon Ahn , Ravi Sandhu, Role-based authorization constraints specification, ACM Transactions on Information and System Security (TISSEC), v.3 n.4, p.207-226, Nov. 2000
David F. Ferraiolo , Ravi Sandhu , Serban Gavrila , D. Richard Kuhn , Ramaswamy Chandramouli, Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security (TISSEC), v.4 n.3, p.224-274, August 2001
Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999
Elisa Bertino , Piero Andrea Bonatti , Elena Ferrari, TRBAC: A temporal role-based access control model, ACM Transactions on Information and System Security (TISSEC), v.4 n.3, p.191-233, August 2001
Andreas Schaad , Jonathan Moffett, Separation, review and supervision controls in the context of a credit application process: a case study of organisational control principles, Proceedings of the 2004 ACM symposium on Applied computing, March 14-17, 2004, Nicosia, Cyprus
Gail-Joon Ahn , Ravi Sandhu, The RSL99 language for role-based separation of duty constraints, Proceedings of the fourth ACM workshop on Role-based access control, p.43-54, October 28-29, 1999, Fairfax, Virginia, United States
Sejong Oh , Seog Park, Task-role-based access control model, Information Systems, v.28 n.6, p.533-562, September 2003
Jason Crampton, On permissions, inheritance and role hierarchies, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
Shih-Chien Chou, Embedding role-based access control model in object-oriented systems to protect privacy, Journal of Systems and Software, v.71 n.1-2, p.143-161, April 2004
Walt Yao , Ken Moody , Jean Bacon, A model of OASIS role-based access control and its support for active security, Proceedings of the sixth ACM symposium on Access control models and technologies, p.171-181, May 2001, Chantilly, Virginia, United States
Ravi Sandhu , David Ferraiolo , Richard Kuhn, The NIST model for role-based access control: towards a unified standard, Proceedings of the fifth ACM workshop on Role-based access control, p.47-63, July 26-28, 2000, Berlin, Germany
Giorgio Zanin , Luigi Vincenzo Mancini, Towards a formal model for security policies specification and validation in the selinux system, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Reinhardt A. Botha , Jan H. P. Eloff, Separation of duties for access control enforcement in workflow environments, IBM Systems Journal, v.40 n.3, p.666-682, March 2001
Jean Bacon , Ken Moody , Walt Yao, A model of OASIS role-based access control and its support for active security, ACM Transactions on Information and System Security (TISSEC), v.5 n.4, p.492-540, November 2002
Ninghui Li , Ziad Bizri , Mahesh V. Tripunitara, On mutually-exclusive roles and separation of duty, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
Timothy Fraser , David Ferraiolo , Mikel L. Matthews , Casey Schaufler , Stephen Smalley , Robert Watson, Panel: which access control technique will provide the greatest overall benefit, Proceedings of the sixth ACM symposium on Access control models and technologies, p.141-149, May 2001, Chantilly, Virginia, United States
Hong Chen , Ninghui Li, Constraint generation for separation of duty, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Andreas Schaad , Volkmar Lotz , Karsten Sohr, A model-checking approach to analysing organisational controls in a loan origination process, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Jon A. Solworth, Approvability, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
Maria Luisa Damiani , Elisa Bertino , Barbara Catania , Paolo Perlasca, GEO-RBAC: A spatially aware RBAC, ACM Transactions on Information and System Security (TISSEC), v.10 n.1, p.2-es, February 2007
JuHum Kwon , Chang-Joo Moon, Visual modeling and formal specification of constraints of RBAC using semantic web technology, Knowledge-Based Systems, v.20 n.4, p.350-356, May, 2007
Ninghui Li , Mahesh V. Tripunitara , Ziad Bizri, On mutually exclusive roles and separation-of-duty, ACM Transactions on Information and System Security (TISSEC), v.10 n.2, p.5-es, May 2007
David F. Ferraiolo, An argument for the role-based access control model, Proceedings of the sixth ACM symposium on Access control models and technologies, p.142-143, May 2001, Chantilly, Virginia, United States
Radu Constantinescu , Andrei Toma , Iuliana Scorta , Floarea Nastase , Razvan Zota, V-model approach for role engineering, Proceedings of the WSEAES 13th international conference on Computers, p.148-152, July 23-25, 2009, Rodos, Greece
Stefanie Rinderle-Ma , Manfred Reichert, Comprehensive life cycle support for access rules in information systems: the CEOSIS project, Enterprise Information Systems, v.3 n.3, p.219-251, August 2009

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.0 General
          Subjects: Security, integrity, and protection**

Additional Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Management, Security, Theory, Verification

Collaborative Colleagues:
D. Richard Kuhn: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player