ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Decentralized user-role assignment for Web-based intranets
Full text PdfPdf (1.35 MB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the third ACM workshop on Role-based access control table of contents
Fairfax, Virginia, United States
Pages: 1 - 12  
Year of Publication: 1998
ISBN:1-58113-113-5
Authors
Ravi Sandhu  Laboratory for Information Security Technology, Information and Software Engineering Department, George Mason University
Joon S. Park  Laboratory for Information Security Technology, Information and Software Engineering Department, George Mason University
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM Wash. DC Chap. : ACM Washington DC Chapter
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 21,   Citation Count: 12
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/286884.286887
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

Bar97
Larry S. Bartz, hyperDRIVE: leveraging LDAP to implement RBAC on the Web, Proceedings of the second ACM workshop on Role-based access control, p.69-74, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266759]
 
BCF+97
John Barkley, Anthony Cincotta, David Ferraiolo, Serban Gavrilla, and Richard Kuhn. Role based access control for the World Wide Web. Technical report, National institute of Standards and Technology, 1997.
FB97
David Ferraiolo , John Barkley, Specifying and managing role-based access control within a corporate intranet, Proceedings of the second ACM workshop on Role-based access control, p.77-82, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266761]
 
FCK95
David Ferraiolo, Janet Cugini, and Richard Kuhn. Role-based access control (RBAC): Features and motivations. In Proceedings of 11th Annual Computer Security Application Conference, pages 241-48, New Orleans, LA, December 11-15 1995.
 
FK92
David Ferraiolo and Richard Kuhn. Rolebased access controls. In Proceedings of 15th NIST-NCSC National Computer Security Conference, pages 554-563, Baltimore, MD, October 13-16 1992.
 
GI96
Luigi Giuri , Pietro Iglio, A Formal Model for Role-Based Access Control with Constraints, Proceedings of the Ninth IEEE Computer Security Foundations Workshop, p.136, March 10-12, 1996
 
Gui95
Luigi Guiri. A new model for role-based access control. In Proceedings of 11th Annual Computer Security Application Conference, pages 249-255, New Orleans, LA, December 11-15 1995.
 
HDT95
M.-Y. Hu, S.A. Demurjian, and T.C. Ting. User-role based security in the ADAM object-oriented design and analyses environment. In J. Biskup, M. Morgernstern, and C. Landwehr, editors, Database Security VIII: Status and Prospects. North- Holland, 1995.
 
MD94
Imtiaz Mohammed , David M. Dilts, Design for dynamic user-role-based security, Computers and Security, v.13 n.9, p.661-671, Oct. 1994  [doi>10.1016/0167-4048(94)90048-5]
 
Neu94
B. Clifford Neuman. Using Kerberos for authentication on computer networks. IEEE Communications, 32(9), 1994.
 
NO95
Matunda Nyanchama and Sylvia Osborn. Access rights administration in role-based security systems. In J. Biskup, M. Morgernstern, and C. Landwehr, editors, Database Security VIII: Status and Prospects. North- Holland, 1995.
 
PP95
Tom Parker and Denis Pinkas. SESAME V4 - OVERVIEW, December 1995. SESAME Technology version 4.
 
SA98
Ravi Sandhu and Gail-Joon Ahn. Decentralized group hieraches in unix: An experiment and lessons learned. In Proceedings of 21st NIST-NCSC National Information Systems Security Conference, Arlington, VA, October 5-8 1998.
San97
Ravi Sandhu, Rationale for the RBAC96 family of access control models, Proceedings of the first ACM Workshop on Role-based access control, p.9-es, November 30-December 02, 1995, Gaithersburg, Maryland, United States  [doi>10.1145/270152.270167]
 
SB97
Ravi S. Sandhu , Venkata Bhamidipati, The URA97 Model for Role-Based User-Role Assignment, Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects, p.262-275, August 10-13, 1997
SBC+97
Ravi Sandhu , Venkata Bhamidipati , Edward Coyne , Srinivas Ganta , Charles Youman, The ARBAC97 model for role-based administration of roles: preliminary description and outline, Proceedings of the second ACM workshop on Role-based access control, p.41-50, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266752]
 
SCFY96
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
TC97
Zahir Tari , Shun-Wu Chan, A Role-Based Access Control for Intranet Security, IEEE Internet Computing, v.1 n.5, p.24-34, September 1997  [doi>10.1109/4236.623965]
 
vSvdM94
S. H. von Solms , Isak van der Merwe, The management of computer security profiles using a role-oriented approach, Computers and Security, v.13 n.9, p.673-680, Oct. 1994  [doi>10.1016/0167-4048(94)90049-3]
YCS97
Proceedings of the first ACM Workshop on Role-based access control, December 1996

CITED BY  12
Najam Perwaiz, Structured management of role-permission relationships, Proceedings of the sixth ACM symposium on Access control models and technologies, p.163-169, May 2001, Chantilly, Virginia, United States
Hua Wang , Yanchun Zhang , Jinli Cao, Formal authorisation allocation approaches for permission-role assignments using relational algebra operations, Proceedings of the fourteenth Australasian database conference, p.125-133, February 01, 2003, Adelaide, Australia
Ravi Sandhu , Venkata Bhamidipati , Qamar Munawer, The ARBAC97 model for role-based administration of roles, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.105-135, Feb. 1999
Joon S. Park , Ravi Sandhu, RBAC on the Web by smart certificates, Proceedings of the fourth ACM workshop on Role-based access control, p.1-9, October 28-29, 1999, Fairfax, Virginia, United States
Konstantin Beznosov , Yi Deng, A framework for implementing role-based access control using CORBA security service, Proceedings of the fourth ACM workshop on Role-based access control, p.19-30, October 28-29, 1999, Fairfax, Virginia, United States
Gail-Joon Ahn , Ravi Sandhu , Myong Kang , Joon Park, Injecting RBAC to secure a Web-based workflow system, Proceedings of the fifth ACM workshop on Role-based access control, p.1-10, July 26-28, 2000, Berlin, Germany
Joon S. Park , Ravi Sandhu , Gail-Joon Ahn, Role-based access control on the web, ACM Transactions on Information and System Security (TISSEC), v.4 n.1, p.37-71, Feb. 2001
Ravi Sandhu, Engineering authority and trust in cyberspace: the OM-AM and RBAC way, Proceedings of the fifth ACM workshop on Role-based access control, p.111-119, July 26-28, 2000, Berlin, Germany
Hua Wang , Jinli Cao , Yanchun Zhang, A flexible payment scheme and its permission-role assignment, Proceedings of the twenty-sixth Australasian conference on Computer science: research and practice in information technology, p.189-198, February 01, 2003, Adelaide, Australia
Joon S. Park , Gail-Joon Ahn , Ravi Sandhu, Role-based access control on the web using LDAP, Proceedings of the fifteenth annual working conference on Database and application security, p.19-30, July 15-18, 2001, Niagara, Ontario, Canada
Hua Wang , Lili Sun , Yanchun Zhang , Jinli Cao, Authorization algorithms for the mobility of user-role relationship, Proceedings of the Twenty-eighth Australasian conference on Computer Science, p.69-77, January 01, 2005, Newcastle, Australia
Angelos D. Keromytis , Jonathan M. Smith, Requirements for scalable access control and security management architectures, ACM Transactions on Internet Technology (TOIT), v.7 n.2, p.8-es, May 2007

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication

Additional Classification:
  H. Information Systems
  H.3 INFORMATION STORAGE AND RETRIEVAL
      H.3.4 Systems and Software

          Nouns: World Wide Web (WWW)


General Terms:
Algorithms, Human Factors, Languages, Management, Security

Collaborative Colleagues:
Ravi Sandhu: colleagues
Joon S. Park: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player