Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control, Volume 2 Issue 1, Feb. 1999

Ravi Sandhu
Pages: 1-2
DOI: 10.1145/300830.317086

The role graph model and conflict of interest
Matunda Nyanchama, Sylvia Osborn
Pages: 3-33
DOI: 10.1145/300830.300832
We describe in more detail than before the reference model for role-based access control introduced by Nyanchama and Osborn, and the role-graph model with its accompanying algorithms, which is one way of implementing role-role relationships. An...

A role-based access control model and reference implementation within a corporate intranet
David F. Ferraiolo, John F. Barkley, D. Richard Kuhn
Pages: 34-64
DOI: 10.1145/300830.300834
This paper describes NIST's enhanced RBAC model and our approach to designing and implementing RBAC features for networked Web servers. The RBAC model formalized in this paper is based on the properties that were first described in Ferraiolo...

The specification and enforcement of authorization constraints in workflow management systems
Elisa Bertino, Elena Ferrari, Vijay Atluri
Pages: 65-104
DOI: 10.1145/300830.300837
In recent years, workflow management systems (WFMSs) have gained popularity in both research and commercial sectors. WFMSs are used to coordinate and streamline business processes. Very large WFMSs are often used in organizations with users in...

The ARBAC97 model for role-based administration of roles
Ravi Sandhu, Venkata Bhamidipati, Qamar Munawer
Pages: 105-135
DOI: 10.1145/300830.300839
In role-based access control (RBAC), permissions are associated with roles' and users are made members of roles, thereby acquiring the roles; permissions. RBAC's motivation is to simplify administration of authorizations. An appealing...