- 1.D.E. Bell and L.J. La Padula. Secure Computer System: Unified Exposition & Multics interpret, at, ion. Technical report, Technical Report MTIS AD-A023588, MITRE Corporation, 1975.Google Scholar
- 2.S. Cast, ano, M. l?ugini, G. Martella, and P. Samarati. Database Security. Addison- Wesley, 1994. Google ScholarDigital Library
- 3.M. Nyanchama. Commercial Integrity, Roles and Object Orientation. PhD thesis, Department of Computer Science, The University of Western Ontario, London, Canada, Sept. 1994. Google ScholarDigital Library
- 4.M. Nyanchama and S. L. Osborn. Access rights administration in role-based security systems. In J. Biskup, M. Morgenstern, and C. E. Landwehr, editors, Database Security, VIII, Status and Prospects, Proceedings of the IFIP WGII.3 Working Conference on Database Security, pages 37-56. North-Holland, 1994. Google ScholarDigital Library
- 5.M. Nyanchama and S. L. Osborn. Modeling mandatory access control in role-based security systems. In D.L. Spooner, S.A. Demurjian, and J.E. Dobson, editors, Proceedings of the IFIP WG 1.1.3 Ninth Annual Working Conference on Database Security, pages 129-144. Chapman & Hall, 1995. Google ScholarDigital Library
- 6.R.S. Sandhu. Lattice-based access control models. Computer, 26:9-19, Nov. 1993. Google ScholarDigital Library
- 7.R.S. Sandhu. Role hierarchies and constraints for lattice-based access controls. In Computer Security - ESORICS 96, pages 65--79. Springer Verlag, 1996. Lecture Notes 1146. Google ScholarDigital Library
- 8.R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-based access control models. Computer, 29:38-47, Feb. 1996. Google ScholarDigital Library
- 9.R.S. Sandhu and C. Youman, editors. First A CM Workshop on Role-Based Access Control. Association for Computing Machinery, Nov. 30- Dec. 1 1995. Google Scholar
Index Terms
- Mandatory access control and role-based access control revisited
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Role-Based Access Control Models
Since the 1970s, computer systems have featured multiple applications and served multiple users, leading to heightened awareness of data security issues. System administrators and software developers focused on different kinds of access control to ...
Delegation in role-based access control
User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
Comments