ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Administrative scope in the graph-based framework
Full text PdfPdf (150 KB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the ninth ACM symposium on Access control models and technologies table of contents
Yorktown Heights, New York, USA
SESSION: Role administration table of contents
Pages: 97 - 104  
Year of Publication: 2004
ISBN:1-58113-872-5
Authors
M. Koch  Freie Universität Berlin, Berlin, Germany
L. V. Mancini  Università di Roma, Roma, Italy
F. Parisi-Presicce  George Mason University, Fairfax, VA
Sponsors
ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 3,   Downloads (12 Months): 17,   Citation Count: 3
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/990036.990051
What is a DOI?

ABSTRACT

The use of the graph-based framework to specify the administration of RBAC systems has several advantages, from the intuition provided by the visual aspect to the precise semantics and the systematic verification of constraints. Here the benefits of this framework are illustrated using SARBAC (scoped administration of role based access control), providing the first steps towards its operational semantics and a more expressive constraint language.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Gail-Joon Ahn , Ravi Sandhu, Role-based authorization constraints specification, ACM Transactions on Information and System Security (TISSEC), v.3 n.4, p.207-226, Nov. 2000  [doi>10.1145/382912.382913]
2
Jason Crampton , George Loizou, Administrative scope: A foundation for role-based administrative models, ACM Transactions on Information and System Security (TISSEC), v.6 n.2, p.201-231, May 2003  [doi>10.1145/762476.762478]
 
3
H. Ehrig , G. Engels , H.-J. Kreowski , G. Rozenberg, Handbook of graph grammars and computing by graph transformation: vol. 2: applications, languages, and tools, World Scientific Publishing Co., Inc., River Edge, NJ, 1999
4
Serban I. Gavrila , John F. Barkley, Formal specification for role based access control user/role and role/role relationship management, Proceedings of the third ACM workshop on Role-based access control, p.81-90, October 22-23, 1998, Fairfax, Virginia, United States  [doi>10.1145/286884.286902]
 
5
Manuel Koch , Luigi V. Mancini , Francesco Parisi-Presicce, A Formal Model for Role-Based Access Control Using Graph Transformation, Proceedings of the 6th European Symposium on Research in Computer Security, p.122-139, October 04-06, 2000
6
Manuel Koch , Luigi V. Mancini , Francesco Parisi-Presicce, A graph-based formalism for RBAC, ACM Transactions on Information and System Security (TISSEC), v.5 n.3, p.332-365, August 2002  [doi>10.1145/545186.545191]
7
Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999  [doi>10.1145/300830.300832]
 
8
Grzegorz Rozenberg, Handbook of graph grammars and computing by graph transformation: volume I. foundations, World Scientific Publishing Co., Inc., River Edge, NJ, 1997
 
9
R. S. Sandhu. Role-based access control. In Advances in Computers, Volume 46. Academic Press, 1998.
10
Ravi Sandhu , David Ferraiolo , Richard Kuhn, The NIST model for role-based access control: towards a unified standard, Proceedings of the fifth ACM workshop on Role-based access control, p.47-63, July 26-28, 2000, Berlin, Germany  [doi>10.1145/344287.344301]
11
Ravi Sandhu , Venkata Bhamidipati , Qamar Munawer, The ARBAC97 model for role-based administration of roles, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.105-135, Feb. 1999  [doi>10.1145/300830.300839]
 
12
C. Ermel , M. Rudolf , G. Taentzer, The AGG approach: language and environment, Handbook of graph grammars and computing by graph transformation: vol. 2: applications, languages, and tools, World Scientific Publishing Co., Inc., River Edge, NJ, 1999

CITED BY  3
Elisa Bertino , Ravi Sandhu, Database Security-Concepts, Approaches, and Challenges, IEEE Transactions on Dependable and Secure Computing, v.2 n.1, p.2-19, January 2005
Ninghui Li , Mahesh V. Tripunitara, Security analysis in role-based access control, ACM Transactions on Information and System Security (TISSEC), v.9 n.4, p.391-420, November 2006
Guoli Ding , Jianhua Chen , R. F. Lax , Peter P. Chen, Graph-theoretic method for merging security system specifications, Information Sciences: an International Journal, v.177 n.10, p.2152-2166, May, 2007

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls


General Terms:
Security, Verification


Keywords:
administration, graph transformations, role-based access control

Collaborative Colleagues:
M. Koch: colleagues
L. V. Mancini: colleagues
F. Parisi-Presicce: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player