ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
The RSL99 language for role-based separation of duty constraints
Full text PdfPdf (1.17 MB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the fourth ACM workshop on Role-based access control table of contents
Fairfax, Virginia, United States
Pages: 43 - 54  
Year of Publication: 1999
ISBN:1-58113-180-1
Authors
Gail-Joon Ahn  Laboratory for Information Security Technology, Information and Software Engineering Department, George Mason University
Ravi Sandhu  Laboratory for Information Security Technology, Information and Software Engineering Department, George Mason University
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 29,   Citation Count: 27
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/319171.319176
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
Bal90
Robert W. Baldwin. Naming and grouping privileges to simplify security management in large database. In Proceedings of IEEE Symposium on Research in Security and privacy, pages 61-70, Oakland, CA, April 1990.
CS95
Fang Chen , Ravi S. Sandhu, Constraints for role-based access control, Proceedings of the first ACM Workshop on Role-based access control, p.14-es, November 30-December 02, 1995, Gaithersburg, Maryland, United States  [doi>10.1145/270152.270177]
 
CW87
D.D. Clark and D. R. Wilson. A comparision of commercial and military computer security plocies. In Proceedings of IEEE Symposium on Security and Privacy, pages 184- 194, April 1987.
FBK99
David F. Ferraiolo , John F. Barkley , D. Richard Kuhn, A role-based access control model and reference implementation within a corporate intranet, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.34-64, Feb. 1999  [doi>10.1145/300830.300834]
 
FCK95
David Ferraiolo, Janet Cugini, and Richard Kuhn. Role-based access control (RBAC): Features and motivations. In Proceedings of 11th Annual Computer Security Application Conference, pages 241-48, New Orleans, LA, December 11-15 1995.
 
GGF98
Virgil D. Gligor, Serban I. Gavrila, and David Ferraiolo. On the formal definition of separation-of-duty policies and their composition. In Proceedings of IEEE Symposium on Research in Security and Privacy, pages 172-183, Oakland, CA, May 1998.
Kuh97
D. Richard Kuhn, Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems, Proceedings of the second ACM workshop on Role-based access control, p.23-30, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266749]
NO99
Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999  [doi>10.1145/300830.300832]
 
NP90
M.N. Nash and K.R. Poland. Some conundrums concerning separation of duty. In Proceedings o/ IEEE Symposium on Security and Privacy, pages 201-207, Oakland, CA, May 1990.
 
San88
Ravi Sandhu. Transaction control expressions for separation of duties. In Proceedings of 4th Aerospace Computer Security Conference, pages 282-286, Orlando, FL, December 1988.
 
San93
Ravi S. Sandhu, Lattice-Based Access Control Models, Computer, v.26 n.11, p.9-19, November 1993  [doi>10.1109/2.241422]
 
San96
Ravi S. Sandhu, Role Hierarchies and Constraints for Lattice-Based Access Controls, Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security, p.65-79, September 25-27, 1996
San97
Ravi Sandhu, Rationale for the RBAC96 family of access control models, Proceedings of the first ACM Workshop on Role-based access control, p.9-es, November 30-December 02, 1995, Gaithersburg, Maryland, United States  [doi>10.1145/270152.270167]
 
SCFY96
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
SZ97
Richard Simon , Mary Ellen Zurko, Separation of Duty in Role-based Environments, Proceedings of the 10th Computer Security Foundations Workshop (CSFW '97), p.183, June 10-12, 1997
 
TS94
Roshan Thomas and Ravi S. Sandhu. Conceptual foundations for a model of task-based authorizations. In Proceedings of IEEE Computer Security Foundations Workshop, pages 66-79, Franconia, NH, June 1994.

CITED BY  27
Ravi Sandhu , David Ferraiolo , Richard Kuhn, The NIST model for role-based access control: towards a unified standard, Proceedings of the fifth ACM workshop on Role-based access control, p.47-63, July 26-28, 2000, Berlin, Germany
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role based delegation, Proceedings of the sixth ACM symposium on Access control models and technologies, p.153-162, May 2001, Chantilly, Virginia, United States
Hua Wang , Jinli Cao , Yanchun Zhang, A flexible payment scheme and its permission-role assignment, Proceedings of the twenty-sixth Australasian conference on Computer science: research and practice in information technology, p.189-198, February 01, 2003, Adelaide, Australia
Gail-Joon Ahn , Ravi Sandhu, Role-based authorization constraints specification, ACM Transactions on Information and System Security (TISSEC), v.3 n.4, p.207-226, Nov. 2000
Andreas Schaad , Jonathan Moffett , Jeremy Jacob, The role-based access control system of a European bank: a case study and discussion, Proceedings of the sixth ACM symposium on Access control models and technologies, p.3-9, May 2001, Chantilly, Virginia, United States
Konstantin Knorr , Henrik Stormer, Modeling and analyzing separation of duties in workflow environments, Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, June 11-13, 2001, Paris, France
Elisa Bertino , Piero Andrea Bonatti , Elena Ferrari, TRBAC: A temporal role-based access control model, ACM Transactions on Information and System Security (TISSEC), v.4 n.3, p.191-233, August 2001
Trent Jaeger , Jonathon E. Tidswell, Practical safety in flexible access control models, ACM Transactions on Information and System Security (TISSEC), v.4 n.2, p.158-190, May 2001
Jonathon E. Tidswell , Trent Jaeger, An access control model for simplifying constraint expression, Proceedings of the 7th ACM conference on Computer and communications security, p.154-163, November 01-04, 2000, Athens, Greece
Sejong Oh , Seog Park, Task-role-based access control model, Information Systems, v.28 n.6, p.533-562, September 2003
Hua Wang , Yanchun Zhang , Jinli Cao, Formal authorisation allocation approaches for permission-role assignments using relational algebra operations, Proceedings of the fourteenth Australasian database conference, p.125-133, February 01, 2003, Adelaide, Australia
Hua Wang , Jinli Cao , Yanchun Zhang, A flexible payment scheme and its permission-role assignment, Proceedings of the twenty-sixth Australasian conference on Computer science: research and practice in information technology, p.189-198, February 01, 2003, Adelaide, Australia
Sejong Oh , Seog Park, Task-role-based access control model, Information Systems, v.28 n.6, p.533-562, September 2003
David F. Ferraiolo , R. Chandramouli , Gail-Joon Ahn , Serban I. Gavrila, The role control center: features and case studies, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy
Ninghui Li , Qihua Wang, Beyond separation of duty: an algebra for specifying high-level security policies, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Indrakshi Ray , Na Li , Robert France , Dae-Kyoo Kim, Using uml to visualize role-based access control constraints, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Reinhardt A. Botha , Jan H. P. Eloff, Separation of duties for access control enforcement in workflow environments, IBM Systems Journal, v.40 n.3, p.666-682, March 2001
Eunjee Song , Raghu Reddy , Robert France , Indrakshi Ray , Geri Georg , Roger Alexander, Verifiable composition of access control and application features, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
Kazuhiro Minami , David Kotz, Secure context-sensitive authorization, Pervasive and Mobile Computing, v.1 n.1, p.123-156, March 2005
David Basin , Jürgen Doser , Torsten Lodderstedt, Model driven security: From UML models to access control infrastructures, ACM Transactions on Software Engineering and Methodology (TOSEM), v.15 n.1, p.39-91, January 2006
Ninghui Li , Qihua Wang, Beyond separation of duty: An algebra for specifying high-level security policies, Journal of the ACM (JACM), v.55 n.3, p.1-46, July 2008
Hong Chen , Ninghui Li, Constraint generation for separation of duty, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Jon A. Solworth, Approvability, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
Ji-Won Byun , Yonglak Sohn , Elisa Bertino, Systematic control and management of data integrity, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Ninghui Li , Mahesh V. Tripunitara , Ziad Bizri, On mutually exclusive roles and separation-of-duty, ACM Transactions on Information and System Security (TISSEC), v.10 n.2, p.5-es, May 2007
Gilles Goncalves , Aneta Poniszewska-Maranda, Role engineering: From design to evolution of security schemes, Journal of Systems and Software, v.81 n.8, p.1306-1326, August, 2008
Seng-Phil Hong , Gail-Joon Ahn , Wenjuan Xu, Access Control Management for SCADA Systems, IEICE - Transactions on Information and Systems, v.E91-D n.10, p.2449-2457, October 2008

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

Additional Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
  D.4 OPERATING SYSTEMS


General Terms:
Algorithms, Design, Languages, Measurement, Performance, Security, Theory, Verification

Collaborative Colleagues:
Gail-Joon Ahn: colleagues
Ravi Sandhu: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player