Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 4 Issue 3, August 2001

TRBAC: A temporal role-based access control model
Elisa Bertino, Piero Andrea Bonatti, Elena Ferrari
Pages: 191-233
DOI: 10.1145/501978.501979
Role-based access control (RBAC) models are receiving increasing attention as a generalized approach to access control. Roles may be available to users at certain time periods, and unavailable at others. Moreover, there can be temporal dependencies...

Proposed NIST standard for role-based access control
David F. Ferraiolo, Ravi Sandhu, Serban Gavrila, D. Richard Kuhn, Ramaswamy Chandramouli
Pages: 224-274
DOI: 10.1145/501978.501980
In this article we propose a standard for role-based access control (RBAC). Although RBAC models have received broad support as a generalized approach to access control, and are well recognized for their many advantages in performing large-scale...

An unknown key-share attack on the MQV key agreement protocol
Burton S. Kaliski, Jr.
Pages: 275-288
DOI: 10.1145/501978.501981
The MQV key agreement protocol, a technique included in recent standards, is shown in its basic form to be vulnerable to an unknown key-share attack. Although the attack's practical impact on security is minimal---a key confirmation step easily...

The architecture and performance of security protocols in the ensemble group communication system: Using diamonds to guard the castle

Pages: 289-319
DOI: 10.1145/501978.501982
Ensemble is a Group Communication System built at Cornell and the Hebrew universities. It allows processes to create process groups within which scalable reliable fifo-ordered multicast and point-to-point communication are supported. The...