ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Three for one: role-based access-control management in rapidly changing heterogeneous environments
Full text PdfPdf (676 KB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the fifth ACM workshop on Role-based access control table of contents
Berlin, Germany
Pages: 83 - 88  
Year of Publication: 2000
ISBN:1-58113-259-X
Authors
Axel Mönkeberg  Swiss Re, Mythenquai 50/60, CH-8022, Zurich
René Rakete  QualiFair AG, Mühlerain 35, 8706 Meilen
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 24,   Citation Count: 2
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/344287.344306
What is a DOI?

ABSTRACT

We describe a maintenance tool for role-based access-control (RBAC0, RBAC1 and RBAC2 [1]), implemented in a Swiss bank. Concept and implementation of the system is as far as possible independent of operating system and vendors. The tool supports the maintenance of the access control interface to database systems, operating systems, web server and application systems (e.g. workflow management systems [9], OLAP tools and analytic tools). It is based on the principle of using a system independent access-control specification-language (ADL), a repository for static definition and runtime data, a target system independent access-control command language (CDL) and a set of different target system specific implementations of the access-control maintenance interfaces (TDL). The system is able to maintain the access control interfaces of passive systems (e.g. common DBMS [5],[6],[7] and OS [8],[12],[10]) and supports also the access control mechanism of active systems. Active systems have no own authorization control mechanism implemented. Active systems check the authorization of operations of a particular user by calling a “central” authorization instance. The system is implemented in Java and SQL and uses the CORBA IIOP communication protocol.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
2
Object Management Group. CORBA-services: Common Object Services, July 1998. OMG document number: forma 1/98-0705.
3
Konstantin Beznosov , Yi Deng, A framework for implementing role-based access control using CORBA security service, Proceedings of the fourth ACM workshop on Role-based access control, p.19-30, October 28-29, 1999, Fairfax, Virginia, United States  [doi>10.1145/319171.319174]
4
Jonathan D. Moffett , Emil C. Lupu, The uses of role hierarchies in access control, Proceedings of the fourth ACM workshop on Role-based access control, p.153-160, October 28-29, 1999, Fairfax, Virginia, United States  [doi>10.1145/319171.319186]
 
5
Oracle7(tm) Server Administrator's Guide, Release 7.3, Part No. A32535-1, 1996.
 
6
Sybase SQL server Technical Overview, Release 11, Part No. 8200.0494, 1994.
 
7
Sybase Client/Server Architectural Overview, Release 11, Part No. 8203.0294.
 
8
Raj Bhargava, OpenVMS: architecture, use, and migration, McGraw-Hill, Inc., New York, NY, 1995
 
9
Open Text LiveLink Release 8, http://www.opentext.com/.
 
10
Maurice J. Bach, The design of the UNIX operating system, Prentice-Hall, Inc., Upper Saddle River, NJ, 1986
 
11
Orcale Rdb 7 Distributed Technology Handbook, Partno. A49005-1, 1996
 
12
Microsoft MSDN Library, July 1999
 
13
Michael McCaffery , William Scott, The Official Visibroker for Java Handbook: The Authoritative Solution, Macmillan Publishing Co., Inc., Indianapolis, IN, 1998
 
14
SAM Customer Manuals, Release 2.2, Schumann Unternehmens AG, 1997
15
Roland Awischus, Role based access control with the security administration manager (SAM), Proceedings of the second ACM workshop on Role-based access control, p.61-68, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266758]

CITED BY  2
Axel Kern , Martin Kuhlmann , Andreas Schaad , Jonathan Moffett, Observations on the role life-cycle in the context of enterprise security management, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
Martin Kuhlmann , Dalia Shohat , Gerhard Schimpf, Role mining - revealing business roles for security administration using data mining technology, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy

INDEX TERMS

Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
      D.3.2 Language Classifications
          Subjects: Specialized application languages
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

  I. Computing Methodologies
  I.2 ARTIFICIAL INTELLIGENCE
      I.2.8 Problem Solving, Control Methods, and Search
          Subjects: Control theory

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Design, Languages, Performance, Security, Theory

Collaborative Colleagues:
Axel Mönkeberg: colleagues
René Rakete: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player