Role-Based Access Control
January 2007
Publisher:
  • Artech House, Inc.
  • 685 Canton St. Norwood, MA
  • United States
ISBN: 978-1-59693-113-8
Published: 31 January 2007
Pages: 418
Abstract

This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition provides more comprehensive and updated coverage of access control models, new RBAC standards, new in-depth case studies and discussions on role engineering and the design of role-based systems. The book shows you how RBAC simplifies security administration by using roles, hierarchies, and constraints to manage the review and control of organizational privileges. Moreover, it explains how RBAC makes it possible to specify many types of enterprise security policies. This unique resource covers all facets of RBAC, from its solid model-theoretic foundations to its implementation within commercial products. You learn how to use RBAC to emulate other access control models and find frameworks and tools for administering RBAC. Research prototypes that have incorporated RBAC into various classes of software like WFMS, Web server, OS (Unix) and Java (JEE) are reviewed. Products implementing RBAC features such as relational DBMS and Enterprise Security Administration (ESA) systems are described to serve as a guide to the state of practice of RBAC.

Cited By

  1. Ghaffari F, Bertin E, Crespi N and Hatin J (2023). Distributed ledger technologies for authentication and access control in networking applications, Computer Science Review, 50:C, Online publication date: 1-Nov-2023.
  2. Chakraborty P, Dutta S and Sanyal D Personal Research Knowledge Graphs Companion Proceedings of the Web Conference 2022, (763-768)
  3. Jiang R, Xin Y, Chen Z and Zhang Y (2022). A medical big data access control model based on fuzzy trust prediction and regression analysis, Applied Soft Computing, 117:C, Online publication date: 1-Mar-2022.
  4. Penelova M (2021). Access Control Models, Cybernetics and Information Technologies, 21:4, (77-104), Online publication date: 1-Dec-2021.
  5. Penelova M (2021). Hybrid Role and Attribute Based Access Control Applied in Information Systems, Cybernetics and Information Technologies, 21:3, (85-96), Online publication date: 1-Sep-2021.
  6. Penelova M (2020). Hybrid Role and Attribute Based Access Control Applied in Information Systems, Cybernetics and Information Technologies, 21:3, (85-96), Online publication date: 1-Sep-2021.
  7. Chatterjee A, Pitroda Y and Parmar M Dynamic Role-Based Access Control for Decentralized Applications Blockchain – ICBC 2020, (185-197)
  8. Kang Q, Xue L, Morrison A, Tang Y, Chen A and Luo X Programmable in-network security for context-aware BYOD policies Proceedings of the 29th USENIX Conference on Security Symposium, (595-612)
  9. Amthor P, Fischer D, Kühnhauser W and Stelzer D Automated Cyber Threat Sensing and Responding Proceedings of the 14th International Conference on Availability, Reliability and Security, (1-10)
  10. Berger B, Maeder C, Wete Nguempnang R, Sohr K and Rubio-Medrano C Towards Effective Verification of Multi-Model Access Control Properties Proceedings of the 24th ACM Symposium on Access Control Models and Technologies, (149-160)
  11. Fernández M, Jaimunk J and Thuraisingham B Graph-Based Data-Collection Policies for the Internet of Things Proceedings of the 4th Annual Industrial Control System Security Workshop, (9-16)
  12. Pilipchuk R Coping with Access Control Requirements in the Context of Mutual Dependencies between Business and IT Proceedings of the Central European Cybersecurity Conference 2018, (1-4)
  13. Karthikeyan G and Heiss S PKI and User Access Rights Management for OPC UA based Applications 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA), (251-257)
  14. Oluwatimi O, Damiani M and Bertino E (2018). A context-aware system to secure enterprise content, Computers and Security, 77:C, (162-178), Online publication date: 1-Aug-2018.
  15. Koukopoulos D and Koukoulis K (2018). A Trustworthy System with Mobile Services Facilitating the Everyday Life of a Museum, International Journal of Ambient Computing and Intelligence, 9:1, (1-18), Online publication date: 1-Jan-2018.
  16. Karimi V, Alencar P and Cowan D (2017). A formal modeling and analysis approach for access control rules, policies, and their combinations, International Journal of Information Security, 16:1, (43-74), Online publication date: 1-Feb-2017.
  17. Ronao C and Cho S (2016). Anomalous query access detection in RBAC-administered databases with random forest and PCA, Information Sciences: an International Journal, 369:C, (238-250), Online publication date: 10-Nov-2016.
  18. Damasceno C, Masiero P and Simao A Evaluating test characteristics and effectiveness of FSM-based testing methods on RBAC systems Proceedings of the XXX Brazilian Symposium on Software Engineering, (83-92)
  19. Le H, Nguyen C, Briand L and Hourte B Automated Inference of Access Control Policies for Web Applications Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, (27-37)
  20. Esposito C and Ciampi M (2015). On Security in Publish/Subscribe Services: A Survey, IEEE Communications Surveys & Tutorials, 17:2, (966-997), Online publication date: 1-Apr-2015.
  21. Fabian B, Ermakova T and Junghanns P (2015). Collaborative and secure sharing of healthcare data in multi-clouds, Information Systems, 48:C, (132-150), Online publication date: 1-Mar-2015.
  22. Caruccio L, Deufemia V, D'Souza C, Ginige A and Polese G Supporting Access Control within a Mockup-based EUDWeb Environment Proceedings of the 7th International Symposium on Visual Information Communication and Interaction, (88-97)
  23. Shabtai A, Bercovitch M, Rokach L and Elovici Y (2014). Optimizing Data Misuse Detection, ACM Transactions on Knowledge Discovery from Data, 8:3, (1-23), Online publication date: 2-Jun-2014.
  24. Bertolotti I, Durante L, Hu T and Valenzano A A Model for the Analysis of Security Policies in Industrial Networks Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, (66-77)
  25. Fabian B, Kunz S, Müller S and Günther O (2013). Secure federation of semantic information services, Decision Support Systems, 55:1, (385-398), Online publication date: 1-Apr-2013.
  26. Schefer-Wenzl S and Strembeck M Generic support for RBAC break-glass policies in process-aware information systems Proceedings of the 28th Annual ACM Symposium on Applied Computing, (1441-1446)
  27. Geepalla E, Bordbar B and Last J Transformation of spatio-temporal role based access control specification to alloy Proceedings of the 2nd international conference on Model and Data Engineering, (67-78)
  28. Fuchs L and Pernul G (2012). Minimizing insider misuse through secure Identity Management, Security and Communication Networks, 5:8, (847-862), Online publication date: 1-Aug-2012.
  29. Belchior M, Schwabe D and Silva Parreiras F Role-Based access control for model-driven web applications Proceedings of the 12th international conference on Web Engineering, (106-120)
  30. Cuppens F, Cuppens-Boulahia N and Pena Viña E Adaptive access control enforcement in social network using aspect weaving Proceedings of the 17th international conference on Database Systems for Advanced Applications, (154-167)
  31. Schefer S, Strembeck M, Mendling J and Baumgrass A Detecting and resolving conflicts of mutual-exclusion and binding constraints in a business process context Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part I, (329-346)
  32. Martínez-García C, Navarro-Arribas G and Borrell J Intra-role progression in RBAC Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security, (221-234)
  33. Lang U and Schreiner R (2011). Analysis of recommended cloud security controls to validate OpenPMF “policy as a service”, Information Security Tech. Report, 16:3, (131-141), Online publication date: 1-Aug-2011.
  34. Braga C (2011). A transformation contract to generate aspects from access control policies, Software and Systems Modeling (SoSyM), 10:3, (395-409), Online publication date: 1-Jul-2011.
  35. Hummer W, Gaubatz P, Strembeck M, Zdun U and Dustdar S An integrated approach for identity and access management in a SOA context Proceedings of the 16th ACM symposium on Access control models and technologies, (21-30)
  36. Baumgrass A, Strembeck M and Rinderle-Ma S Deriving role engineering artifacts from business processes and scenario models Proceedings of the 16th ACM symposium on Access control models and technologies, (11-20)
  37. Embe Jiague M, Frappier M, Gervais F, Laleau R and St-Denis R A metamodel for the design of access-control policy enforcement managers Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security, (218-226)
  38. Bruns G and Huth M (2011). Access control via belnap logic, ACM Transactions on Information and System Security, 14:1, (1-27), Online publication date: 1-May-2011.
  39. Strembeck M and Mendling J (2011). Modeling process-related RBAC models with extended UML activity models, Information and Software Technology, 53:5, (456-483), Online publication date: 1-May-2011.
  40. Field J, Graham S and Maguire T A framework for obligation fulfillment in REST services Proceedings of the Second International Workshop on RESTful Design, (59-66)
  41. Fong P Relationship-based access control Proceedings of the first ACM conference on Data and application security and privacy, (191-202)
  42. Al-Hamdani W Cryptography based access control in healthcare web systems 2010 Information Security Curriculum Development Conference, (66-79)
  43. Zarnett J, Tripunitara M and Lam P Role-based access control (RBAC) in Java via proxy objects using annotations Proceedings of the 15th ACM symposium on Access control models and technologies, (79-88)
  44. da Silva Figueiredo K, da Silva V and de Oliveira Braga C Modeling norms in multi-agent systems with NormML Proceedings of the 6th international conference on Coordination, organizations, institutions, and norms in agent systems, (39-57)
  45. Kim D, Lu L and Kim S A verifiable modeling approach to configurable role-based access control Proceedings of the 13th international conference on Fundamental Approaches to Software Engineering, (188-202)
  46. Cirit Ç and Buzluca F A UML profile for role-based access control Proceedings of the 2nd international conference on Security of information and networks, (83-92)
  47. Constantinescu R and Toma A (2009). A closer look to the V-model approach for role engineering, WSEAS Transactions on Computers, 8:10, (1631-1640), Online publication date: 1-Oct-2009.
  48. Constantinescu R, Toma A, Scorta I, Nastase F and Zota R V-model approach for role engineering Proceedings of the WSEAES 13th international conference on Computers, (148-152)
  49. Sakai A, Hori Y and Sakurai K Formal Verification for Access Control in Web Information Sharing System Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance, (80-89)
  50. Fuchs L and Pernul G HyDRo --- Hybrid Development of Roles Proceedings of the 4th International Conference on Information Systems Security, (287-302)
Contributors
  • National Institute of Standards and Technology
  • National Institute of Standards and Technology
  • National Institute of Standards and Technology
