ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Specifying and managing role-based access control within a corporate intranet
Full text PdfPdf (725 KB)
Source ACM Workshop on Role Based Access Control archive
Proceedings of the second ACM workshop on Role-based access control table of contents
Fairfax, Virginia, United States
Pages: 77 - 82  
Year of Publication: 1997
ISBN:0-89791-985-8
Authors
David Ferraiolo  National Institute of Standards and Technology, Gaithersburg, Maryland
John Barkley  National Institute of Standards and Technology, Gaithersburg, Maryland
Sponsors
DC Chapter :
NIST : National Institue of Standards & Technology
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 29,   Citation Count: 6
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/266741.266761
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
David F. Ferraiolo, Dennis M. Gilbert, Nickilyn Lynch, "An Examination of Federal and Commercial Access Control Policy Needs," Proceedings of the 16th NIST- NSA National Computer Security Conference, Baltimore, MD, 20-23 September 1993.
 
2
Imtiaz Mohammed , David M. Dilts, Design for dynamic user-role-based security, Computers and Security, v.13 n.9, p.661-671, Oct. 1994  [doi>10.1016/0167-4048(94)90048-5]
 
3
David F. Ferraiolo and Richard Kuhn, "Role-Based Access Control," Proceedings of the 15th NIST-NSA National Computer Security Conference, Baltimore, MD, ! 3-16 October 1992.
 
4
David F. Ferraiolo, Janet A. Cugini, D. Richard Kuhn, "'Role-Based Access Control: Features and Motivations," Proceedings l lth Annual Computer Security Applications Conference, New Orleans, LA, December 1995.
 
5
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
6
Department of Defense, Trusted Computer Security Evaluation Criteria, DoD 5200.28-STD, 1985.
 
7
National Computer Security Center, A Guide to Understanding Discretionary Access Control in Trusted Systems, NCSC-TG-003, September 1987.
 
8
Hal In. Feinstein, et al., Final Report: Small Business Innovcltion Research (SBIR): Role-Based Access Control: Phase 1, Mcl,ean, VA, SETA Corporation, January 20, 1995.
 
9
Virgil Gligor, RBAC Security Policy Model, Preliminary Draft Report, R23 Research and Development Department of the National Security Agency, April 1995.
 
10
Virgil Gligor, J. Huskamp, S. Welke, C. Linn, and W. T. Mayfield, Traditional Capability-Based Systems: An Analysis of Their Ability to Meet the Trusted Computer Security Evaluation Criteria, IDA Paper P-1935, October 1986.
 
11
D. E. Bell and L. J. LaPadula, Secure Computer Systems: Mathematical Foundations, Technical Report. ESD- TR-73-278, Volume l, The MITRE Corporation, Bedford, MA, March I973.
 
12
S. H. von Solms , Isak van der Merwe, The management of computer security profiles using a role-oriented approach, Computers and Security, v.13 n.9, p.673-680, Oct. 1994  [doi>10.1016/0167-4048(94)90049-3]

CITED BY  6
Glenn Faden, RBAC in UNIX administration, Proceedings of the fourth ACM workshop on Role-based access control, p.95-101, October 28-29, 1999, Fairfax, Virginia, United States
Ravi Sandhu , Joon S. Park, Decentralized user-role assignment for Web-based intranets, Proceedings of the third ACM workshop on Role-based access control, p.1-12, October 22-23, 1998, Fairfax, Virginia, United States
Ravi Sandhu, Role activation hierarchies, Proceedings of the third ACM workshop on Role-based access control, p.33-40, October 22-23, 1998, Fairfax, Virginia, United States
S. V. Raghavan , N. Dhyanesh, Formal description of perfect security, Proceedings of the 15th international conference on Computer communication, p.1113-1131, August 12-14, 2002, Mumbai, Maharashtra, India
Steve Neely , Helen Lowe , David Eyers , Jean Bacon , Julian Newman , Xiaofeng Gong, An architecture for supporting vicarious learning in a distributed environment, Proceedings of the 2004 ACM symposium on Applied computing, March 14-17, 2004, Nicosia, Cyprus
William Tolone , Gail-Joon Ahn , Tanusree Pai , Seng-Phil Hong, Access control in collaborative systems, ACM Computing Surveys (CSUR), v.37 n.1, p.29-41, March 2005

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  H. Information Systems
  H.3 INFORMATION STORAGE AND RETRIEVAL
      H.3.4 Systems and Software

          Nouns: World Wide Web (WWW)

  J. Computer Applications
  J.1 ADMINISTRATIVE DATA PROCESSING
      Subjects: Business


General Terms:
Human Factors, Security

Collaborative Colleagues:
David Ferraiolo: colleagues
John Barkley: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player