ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Control principles and role hierarchies
Full text PdfPdf (768 KB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the third ACM workshop on Role-based access control table of contents
Fairfax, Virginia, United States
Pages: 63 - 69  
Year of Publication: 1998
ISBN:1-58113-113-5
Author
Jonathan D. Moffett  Department of Computer Science, University of York, Heslington, York YO1 5DD, UK
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM Wash. DC Chap. : ACM Washington DC Chapter
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 58,   Citation Count: 19
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/286884.286900
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Thomas, E. and B. Biddle, The Nature and History of Role Theory, in Role Theory: Concepts and Research, B. Biddle and E. Thomas, Editors. 1979, Krieger Publishing.
 
2
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
3
T. C. Ting, A user-role based data security approach, on Database Security: Status and Prospects, p.187-208, September 1988, Annapolis, Maryland, United States
 
4
ISO 9000, Guidelines J?)r the Selection and Use of Standards on Quality Management, Quality System Elements' and Quality Assurance. International Standards Organisation.
 
5
DEFSTAN 00-55, The Procurement of Safety Critical Software in Defence Equipment: Part 1 Requirements & Part 2: Guidance. UK Ministry of Defence, 1 August 1997.
 
6
Clark, D.C. and D.R. Wilson. A Comparison of Commercial and Military Computer Security Policies. in IEEE Symposium on Security and Privacy. 1987. Oakland, CA: IEEE Computer Society Press.
 
7
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian, A Logical Language for Expressing Authorizations, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.31, May 04-07, 1997
 
8
Moffett, J.D. and M.S. Sloman, Delegation of Authority, in Integrated Network Management II, i. Krishnan and W. Zimmer, Edilors. 1991, North Holland. p. 595-606.
 
9
James Rumbaugh , Michael Blaha , William Premerlani , Frederick Eddy , William Lorensen, Object-oriented modeling and design, Prentice-Hall, Inc., Upper Saddle River, NJ, 1991
 
10
D. Jonscher , K. R. Dittrich, Argos—a configurable access control system for interoperable environments, Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects, p.43-60, January 1996, Rennselaerville, New York, United States

CITED BY  19
Andreas Schaad , Jonathan D. Moffett, A lightweight approach to specification and analysis of role-based access control extensions, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
Jonathon E. Tidswell , Trent Jaeger, Integrated constraints and inheritance in DTAC, Proceedings of the fifth ACM workshop on Role-based access control, p.93-102, July 26-28, 2000, Berlin, Germany
Jonathon E. Tidswell , Geoffrey H. Outhred , John M. Potter, Dynamic rights: safe extensible access control, Proceedings of the fourth ACM workshop on Role-based access control, p.113-120, October 28-29, 1999, Fairfax, Virginia, United States
Andreas Schaad , Jonathan Moffett , Jeremy Jacob, The role-based access control system of a European bank: a case study and discussion, Proceedings of the sixth ACM symposium on Access control models and technologies, p.3-9, May 2001, Chantilly, Virginia, United States
David F. Ferraiolo , Ravi Sandhu , Serban Gavrila , D. Richard Kuhn , Ramaswamy Chandramouli, Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security (TISSEC), v.4 n.3, p.224-274, August 2001
Jonathan D. Moffett , Emil C. Lupu, The uses of role hierarchies in access control, Proceedings of the fourth ACM workshop on Role-based access control, p.153-160, October 28-29, 1999, Fairfax, Virginia, United States
Sejong Oh , Ravi Sandhu, A model for role administration using organization structure, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
Walt Yao , Ken Moody , Jean Bacon, A model of OASIS role-based access control and its support for active security, Proceedings of the sixth ACM symposium on Access control models and technologies, p.171-181, May 2001, Chantilly, Virginia, United States
Trent Jaeger , Jonathon E. Tidswell, Rebuttal to the NIST RBAC model proposal, Proceedings of the fifth ACM workshop on Role-based access control, p.65-66, July 26-28, 2000, Berlin, Germany
Axel Kern , Andreas Schaad , Jonathan Moffett, An administration concept for the enterprise role-based access control model, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy
Jürgen Schlegelmilch , Ulrike Steffens, Role mining with ORCA, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
Sejong Oh , Ravi Sandhu , Xinwen Zhang, An effective role administration model using organization structure, ACM Transactions on Information and System Security (TISSEC), v.9 n.2, p.113-137, May 2006
Tsung-Yi Chen , Yuh-Min Chen , Hui-Chuan Chu , Chin-Bin Wang, Development of an access control model, system architecture and approaches for resource sharing in virtual enterprise, Computers in Industry, v.58 n.1, p.57-73, January, 2007
Ninghui Li , Ziqing Mao, Administration in role-based access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
Yan Han , Xu Chun-Gen , Zhang Gong-Xuan , Liu Feng-Yu, Constraint specification for object model of access control based on role, ACM SIGSOFT Software Engineering Notes, v.25 n.2, p.60-63, March 2000
James B. D. Joshi , Elisa Bertino , Arif Ghafoor , Yue Zhang, Formal foundations for hybrid hierarchies in GTRBAC, ACM Transactions on Information and System Security (TISSEC), v.10 n.4, p.1-39, January 2008
Ninghui Li , Ji-Won Byun , Elisa Bertino, A Critique of the ANSI Standard on Role-Based Access Control, IEEE Security and Privacy, v.5 n.6, p.41-49, November 2007
Tsung-Yi Chen , Yuh-Min Chen , Chin-Bin Wang , Hui-Chuan Chu, Flexible authorisation in dynamic e-business environments using an organisation structure-based access control model, International Journal of Computer Integrated Manufacturing, v.22 n.3, p.225-244, March 2009
Debmalya Biswas , Krishnamurthy Vidyasankar, Formalizing visibility characteristics in hierarchical systems, Data & Knowledge Engineering, v.68 n.8, p.748-774, August, 2009

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication

Additional Classification:
  G. Mathematics of Computing
  G.2 DISCRETE MATHEMATICS

  J. Computer Applications
  J.1 ADMINISTRATIVE DATA PROCESSING
      Subjects: Financial (e.g., EFTS)


General Terms:
Algorithms, Human Factors, Management, Security

Collaborative Colleagues:
Jonathan D. Moffett: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player