Mandatory access control and role-based access control revisited

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Mandatory access control and role-based access control revisited

Full text

Pdf (738 KB)

Source

ACM Workshop on Role Based Access Control archive
Proceedings of the second ACM workshop on Role-based access control table of contents

Fairfax, Virginia, United States

Pages: 31 - 40

Year of Publication: 1997

ISBN:0-89791-985-8

Author

Sylvia Osborn

Department of Computer Science, The University of Western Ontario, London, Ontario, Canada N6A-5B7

Sponsors

DC Chapter :
NIST : National Institue of Standards & Technology
SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 10, Downloads (12 Months): 84, Citation Count: 15

Additional Information:

references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/266741.266751 What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	D.E. Bell and L.J. La Padula. Secure Computer System: Unified Exposition & Multics interpret, at, ion. Technical report, Technical Report MTIS AD-A023588, MITRE Corporation, 1975.
	2	Silvana Castano , Maria Grazia Fugini , Giancarlo Martella , Pierangela Samarati, Database security, ACM Press/Addison-Wesley Publishing Co., New York, NY, 1995
	3	Matunda Nyanchama, Commercial integrity, roles and object orientation, University of Western Ontario, Ont., Canada, 1996
	4	Matunda Nyanchama , Sylvia L. Osborn, Access Rights Administration in Role-Based Security Systems, Proceedings of the IFIP WG11.3 Working Conference on Database Security VII, p.37-56, August 23-26, 1994
	5	Matunda Nyanchama , Sylvia Osborn, Modeling mandatory access control in role-based security systems, Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects, p.129-144, January 1996, Rennselaerville, New York, United States
	6	Ravi S. Sandhu, Lattice-Based Access Control Models, Computer, v.26 n.11, p.9-19, November 1993 [doi>10.1109/2.241422]
	7	Ravi S. Sandhu, Role Hierarchies and Constraints for Lattice-Based Access Controls, Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security, p.65-79, September 25-27, 1996
	8	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996 [doi>10.1109/2.485845]
	9	Proceedings of the first ACM Workshop on Role-based access control, December 1996

CITED BY 15

	Sylvia Osborn , Ravi Sandhu , Qamar Munawer, Configuring role-based access control to enforce mandatory and discretionary access control policies, ACM Transactions on Information and System Security (TISSEC), v.3 n.2, p.85-106, May 2000
	Jonathon E. Tidswell , Trent Jaeger, An access control model for simplifying constraint expression, Proceedings of the 7th ACM conference on Computer and communications security, p.154-163, November 01-04, 2000, Athens, Greece
	Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999
	D. Richard Kuhn, Role based access control on MLS systems without kernel changes, Proceedings of the third ACM workshop on Role-based access control, p.25-32, October 22-23, 1998, Fairfax, Virginia, United States
	Trent Jaeger , Jonathon E. Tidswell, Practical safety in flexible access control models, ACM Transactions on Information and System Security (TISSEC), v.4 n.2, p.158-190, May 2001
	Cungang Yang , Chang N. Zhang, An approach to secure information flow on Object Oriented Role-based Access Control model, Proceedings of the 2003 ACM symposium on Applied computing, March 09-12, 2003, Melbourne, Florida
	Shih-Chien Chou, Embedding role-based access control model in object-oriented systems to protect privacy, Journal of Systems and Software, v.71 n.1-2, p.143-161, April 2004
	Bo Luo , Dongwon Lee , Wang-Chien Lee , Peng Liu, QFilter: fine-grained run-time XML access control via NFA-based query rewriting, Proceedings of the thirteenth ACM international conference on Information and knowledge management, November 08-13, 2004, Washington, D.C., USA
	Shih-Chien Chou, Providing flexible access control to an information flow control model, Journal of Systems and Software, v.73 n.3, p.425-439, November-December 2004
	Mahesh V. Tripunitara , Ninghui Li, Comparing the expressive power of access control models, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
	Sylvia Osborn, Integrating role graphs: a tool for security integration, Data & Knowledge Engineering, v.43 n.3, p.317-333, December 2002
	Shih-Chien Chou , Chin-Yi Chang, An information flow control model for C applications based on access control lists, Journal of Systems and Software, v.78 n.1, p.84-100, October 2005
	Shih-Chien Chou , Yuan-Chien Chen, Managing role relationships in an information flow control model, Journal of Systems and Software, v.79 n.4, p.507-522, April 2006
	Mahesh V. Tripunitara , Ninghui Li, A theory for comparing the expressive power of access control models, Journal of Computer Security, v.15 n.2, p.231-272, April 2007
	Mustafa M. Kocatürk , Taflan İ. Gündem, A Fine-Grained Access Control System Combining MAC and RBACK Models for XML, Informatica, v.19 n.4, p.517-534, December 2008