Skip header Section
Skip Bibliometrics Section
Role-Based Access ControlApril 2003
Abstract
No abstract available.
Cited By
Ahmad H, Dharmadasa I, Ullah F and Babar M (2023). A Review on C3I Systems’ Security: Vulnerabilities, Attacks, and Countermeasures, ACM Computing Surveys, 55:9, (1-38), Online publication date: 30-Sep-2023.- Parkinson S and Khan S (2022). A Survey on Empirical Security Analysis of Access-control Systems: A Real-world Perspective, ACM Computing Surveys, 55:6, (1-28), Online publication date: 31-Jul-2023.
- Li J, Pan A and Zheng T (2023). Cybersecurity of Medical Data Based on Big Data and Privacy Protection Method, International Journal of Data Warehousing and Mining, 19:5, (1-16), Online publication date: 24-Mar-2023.
- De Salve A, Franceschi L, Lisi A, Mori P and Ricci L (2022). L2DART: A Trust Management System Integrating Blockchain and Off-Chain Computation, ACM Transactions on Internet Technology, 23:1, (1-30), Online publication date: 28-Feb-2023.
- Zhang J, Zheng J, Zhang Z, Chen T, Qiu K, Zhang Q and Li Y (2022). Hybrid isolation model for device application sandboxing deployment in Zero Trust architecture, International Journal of Intelligent Systems, 37:12, (11167-11187), Online publication date: 29-Dec-2022.
- Trabelsi R, Fersi G and Jmaiel M Virtual Private Network Blockchain-based Dynamic Access Control Solution for Inter-organisational Large Scale IoT Networks Risks and Security of Internet and Systems, (207-222)
- Ruan P, Kanza Y, Ooi B and Srivastava D LedgerView: Access-Control Views on Hyperledger Fabric Proceedings of the 2022 International Conference on Management of Data, (2218-2231)
- Aftab M, Hamza A, Oluwasanmi A, Nie X, Sarfraz M, Shehzad D, Qin Z, Rafiq A and G T (2022). Traditional and Hybrid Access Control Models, Security and Communication Networks, 2022, Online publication date: 1-Jan-2022.
- Xu L and Mogos G Bugs in Security Onion Proceedings of the 2021 6th International Conference on Systems, Control and Communications, (1-6)
- Groll S, Kern S, Fuchs L and Pernul G Monitoring Access Reviews by Crowd Labelling Trust, Privacy and Security in Digital Business, (3-17)
- Samaniego M, Espana C and Deters R Access Control Management for Plant Phenotyping Using Integrated Blockchain Proceedings of the 2019 ACM International Symposium on Blockchain and Secure Critical Infrastructure, (39-46)
- Fernández M, Mackie I and Thuraisingham B Specification and Analysis of ABAC Policies via the Category-based Metamodel Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, (173-184)
- Sambrekar K and Rajpurohit V (2019). Fast and Efficient Multiview Access Control Mechanism for Cloud Based Agriculture Storage Management System, International Journal of Cloud Applications and Computing, 9:1, (33-49), Online publication date: 1-Jan-2019.
- Apthorpe N, Shvartzshnaider Y, Mathur A, Reisman D and Feamster N (2018). Discovering Smart Home Internet of Things Privacy Norms Using Contextual Integrity, Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, 2:2, (1-23), Online publication date: 5-Jul-2018.
- Gouglidis A, Hu V, Busby J and Hutchison D Verification of Resilience Policies that Assist Attribute Based Access Control Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control, (43-52)
- Zulkipli N and Wills G An event-based access control for IoT Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing, (1-4)
- Hussein D, Bertin E and Frey V (2017). A Community-Driven Access Control Approach in Distributed IoT Environments, IEEE Communications Magazine, 55:3, (146-153), Online publication date: 1-Mar-2017.
- Dageville B, Cruanes T, Zukowski M, Antonov V, Avanes A, Bock J, Claybaugh J, Engovatov D, Hentschel M, Huang J, Lee A, Motivala A, Munir A, Pelley S, Povinec P, Rahn G, Triantafyllis S and Unterbrunner P The Snowflake Elastic Data Warehouse Proceedings of the 2016 International Conference on Management of Data, (215-226)
- Carrara B and Adams C A Survey and Taxonomy Aimed at the Detection and Measurement of Covert Channels Proceedings of the 4th ACM Workshop on Information Hiding and Multimedia Security, (115-126)
- Oluwatimi O, Midi D and Bertino E A Context-Aware System to Secure Enterprise Content Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, (63-72)
- Nakamura S, Duolikun D and Takizawa M (2015). Read-abortion (RA) based synchronization protocols to prevent illegal information flow, Journal of Computer and System Sciences, 81:8, (1441-1451), Online publication date: 1-Dec-2015.
- Ghazinour K and Ghayoumi M A Dynamic Trust Model Enforcing Security Policies Proceedings of the International Conference on Intelligent Information Processing, Security and Advanced Communication, (1-5)
- Tang W, Xu Y, Wang G and Zhang Y An Illegal Indirect Access Prevention Method in Transparent Computing System Proceedings of the ICA3PP International Workshops and Symposiums on Algorithms and Architectures for Parallel Processing - Volume 9532, (264-275)
- Sobieski Ś and Zieliński B User Stories and Parameterized Role Based Access Control Proceedings of the 5th International Conference on Model and Data Engineering - Volume 9344, (311-319)
- Alves S, Broda S and Fernández M A Typed Language for Events Revised Selected Papers of the 25th International Symposium on Logic-Based Program Synthesis and Transformation - Volume 9527, (107-123)
- Ledru Y, Idani A and Richier J Validation of a security policy by the test of its formal B specification Proceedings of the Third FME Workshop on Formal Methods in Software Engineering, (6-12)
- Díaz-López D, Dólera-Tormo G, Gómez-Mármol F and Martínez-Pérez G (2015). Managing XACML systems in distributed environments through Meta-Policies, Computers and Security, 48:C, (92-115), Online publication date: 1-Feb-2015.
- Son J, Kim J, Na H and Baik D (2015). CBDAC, International Journal of Distributed Sensor Networks, 2015, (33-33), Online publication date: 1-Jan-2015.
- Rubis R and Cardei I Permission based granular access control pattern Proceedings of the 21st Conference on Pattern Languages of Programs, (1-6)
- Zhang D, Ramamohanarao K, Zhang R and Versteeg S (2014). Efficient Graph Based Approach to Large Scale Role Engineering, Transactions on Data Privacy, 7:1, (1-26), Online publication date: 1-Apr-2014.
- Gouglidis A, Mavridis I and Hu V (2014). Security policy verification for multi-domains in cloud systems, International Journal of Information Security, 13:2, (97-111), Online publication date: 1-Apr-2014.
- Jayaraman K, Tripunitara M, Ganesh V, Rinard M and Chapin S (2013). Mohawk, ACM Transactions on Information and System Security, 15:4, (1-28), Online publication date: 1-Apr-2013.
- Caron F, Vanthienen J and Baesens B (2013). Comprehensive rule-based compliance checking and risk management with process mining, Decision Support Systems, 54:3, (1357-1369), Online publication date: 1-Feb-2013.
- Cerny T and Song E UML-based enhanced rich form generation Proceedings of the 2011 ACM Symposium on Research in Applied Computation, (192-199)
- Leighton G and Barbosa D (2011). Access Control Policy Translation, Verification, and Minimization within Heterogeneous Data Federations, ACM Transactions on Information and System Security, 14:3, (1-28), Online publication date: 1-Nov-2011.
- Jayaraman K, Ganesh V, Tripunitara M, Rinard M and Chapin S Automatic error finding in access-control policies Proceedings of the 18th ACM conference on Computer and communications security, (163-174)
- Sobieski Ś and Zieliński B Modularisation in maude of parametrized RBAC for row level access control Proceedings of the 15th international conference on Advances in databases and information systems, (401-414)
- Ledru Y, Qamar N, Idani A, Richier J and Labiadh M Validation of security policies by the animation of Z specifications Proceedings of the 16th ACM symposium on Access control models and technologies, (155-164)
- Chamarty S, Patel H and Tripunitara M An authorization scheme for version control systems Proceedings of the 16th ACM symposium on Access control models and technologies, (123-132)
- Gouglidis A and Mavridis I Role-based secure inter-operation and resource usage management in mobile grid systems Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication, (38-53)
- Konopacki P, Belhaouari H, Frappier M and Laleau R Specification and verification of access control policies in EB3SEC Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security, (227-233)
- Oleshchuk V and Fensli R (2011). Remote Patient Monitoring Within a Future 5G Infrastructure, Wireless Personal Communications: An International Journal, 57:3, (431-439), Online publication date: 1-Apr-2011.
- Cadenhead T, Khadilkar V, Kantarcioglu M and Thuraisingham B A language for provenance access control Proceedings of the first ACM conference on Data and application security and privacy, (133-144)
- Komlenovic M, Tripunitara M and Zitouni T An empirical assessment of approaches to distributed enforcement in role-based access control (RBAC) Proceedings of the first ACM conference on Data and application security and privacy, (121-132)
- Jahid S, Gunter C, Hoque I and Okhravi H MyABDAC Proceedings of the first ACM conference on Data and application security and privacy, (97-108)
- Power D, Slaymaker M and Simpson A Automatic conformance checking of role-based access control policies via alloy Proceedings of the Third international conference on Engineering secure software and systems, (15-28)
- Frohardt R, Chang B and Sankaranarayanan S Access nets Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation, (184-198)
- Bobba R, Fatemieh O, Khan F, Khan A, Gunter C, Khurana H and Prabhakaran M (2010). Attribute-Based Messaging, ACM Transactions on Information and System Security, 13:4, (1-35), Online publication date: 1-Dec-2010.
- Hurlin C and Kirchner H Semi-automatic synthesis of security policies by invariant-guided abduction Proceedings of the 7th International conference on Formal aspects of security and trust, (157-175)
- Cadenhead T, Kantarcioglu M and Thuraisingham B Scalable and efficient reasoning for enforcing role-based access control Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy, (209-224)
- Leighton G and Barbosa D Access control policy translation and verification within heterogeneous data federations Proceedings of the 15th ACM symposium on Access control models and technologies, (173-182)
- Kärger P and Siberski W Guarding a walled garden — semantic privacy preferences for the social web Proceedings of the 7th international conference on The Semantic Web: research and Applications - Volume Part II, (151-165)
- Mustafa T, Drouineaud M and Sohr K Towards formal specification and verification of a role-based authorization engine using JML Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems, (50-57)
- Slaymaker M, Power D and Simpson A Formalising and validating RBAC-to-XACML translation using lightweight formal methods Proceedings of the Second international conference on Abstract State Machines, Alloy, B and Z, (349-362)
- Smari W, Zhu J and Clemente P Trust and privacy in attribute based access control for collaboration environments Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services, (49-55)
- Jagadeesan R, Jeffrey A, Pitcher C and Riely J Towards a theory of accountability and audit Proceedings of the 14th European conference on Research in computer security, (152-167)
- Lu J, Li R, Lu Z, Hu J and Ma X Specification and Enforcement of Static Separation-of-Duty Policies in Usage Control Proceedings of the 12th International Conference on Information Security, (403-410)
- Deng L, He Y and Xu Z Separation of Duty in Trust-Based Collaboration Information Security and Cryptology, (370-388)
- Leighton G Preserving SQL access control policies over published XML data Proceedings of the 2009 EDBT/ICDT Workshops, (185-192)
- Rosenthal A, Seligman L, Chapman A and Blaustein B Scalable access controls for lineage First workshop on on Theory and practice of provenance, (1-10)
- Decker M Requirements for a location-based access control model Proceedings of the 6th International Conference on Advances in Mobile Computing and Multimedia, (346-349)
- Masoumzadeh A and Joshi J PuRBAC Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems, (1104-1121)
- Alawneh M and Abbadi I Preventing information leakage between collaborating organisations Proceedings of the 10th international conference on Electronic commerce, (1-10)
- Alawneh M and Abbadi I Sharing but Protecting Content Against Internal Leakage for Organisations Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security, (238-253)
- Byun J and Li N (2008). Purpose based access control for privacy protection in relational database systems, The VLDB Journal — The International Journal on Very Large Data Bases, 17:4, (603-619), Online publication date: 1-Jul-2008.
- Dekker M, Crampton J and Etalle S RBAC administration in distributed systems Proceedings of the 13th ACM symposium on Access control models and technologies, (93-102)
- Chen T (2008). Knowledge sharing in virtual enterprises via an ontology-based access control approach, Computers in Industry, 59:5, (502-519), Online publication date: 1-May-2008.
- Wang X, Feng D, Xu Z and Hu H Mediator-free secure policy interoperation of exclusively-trusted multiple domains Proceedings of the 4th international conference on Information security practice and experience, (248-262)
- Franco L, Sahama T and Croll P Security enhanced Linux to enforce mandatory access control in health information systems Proceedings of the second Australasian workshop on Health data and knowledge management - Volume 80, (27-33)
- Jafari M and Fathian M Management advantages of object classification in role-based access control (RBAC) Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security, (95-110)
- Slevin L and Macfie A Role based access control for a medical database Proceedings of the 11th IASTED International Conference on Software Engineering and Applications, (226-233)
- Bruns G, Dantas D and Huth M A simple and expressive semantic framework for policy composition in access control Proceedings of the 2007 ACM workshop on Formal methods in security engineering, (12-21)
- Shehab M, Bhattacharya K and Ghafoor A (2007). Web services discovery in secure collaboration environments, ACM Transactions on Internet Technology, 8:1, (5-es), Online publication date: 1-Nov-2007.
- Breu R, Popp G and Alam M (2007). Model based development of access policies, International Journal on Software Tools for Technology Transfer (STTT), 9:5-6, (457-470), Online publication date: 1-Oct-2007.
- Pulkkinen M, Naumenko A and Luostarinen K (2007). Managing information security in a business network of machinery maintenance services business - Enterprise architecture as a coordination tool, Journal of Systems and Software, 80:10, (1607-1620), Online publication date: 1-Oct-2007.
- Dekker M and Etalle S Refinement for administrative policies Proceedings of the 4th VLDB conference on Secure data management, (33-46)
- Encheva S and Tumin S Belnap's Logic in Sharing Protected Web Resources Knowledge-Based Intelligent Information and Engineering Systems and the XVII Italian Workshop on Neural Networks on Proceedings of the 11th International Conference, (125-132)
- Lancia M, Puccinelli R and Lombardi F Feasibility and benefits of migrating towards JEE Proceedings of the 5th international symposium on Principles and practice of programming in Java, (13-20)
- Enokido T, Barolli V and Takizawa M Role-based scheduling and synchronization algorithms to prevent illegal information flow Proceedings of the 1st international conference on Network-based information systems, (238-247)
- Encheva S and Tumin S Positive and negative authorizations to access protected web resources Proceedings of the 1st international conference on Network-based information systems, (79-87)
- Watanabe K, Nakajima Y, Enokido T and Takizawa M (2007). Ranking factors in peer-to-peer overlay networks, ACM Transactions on Autonomous and Adaptive Systems, 2:3, (11-es), Online publication date: 1-Sep-2007.
- Zhang C, Sun X, Lin X and Ho P A keyless facility access control system with wireless enabled personal devices The Fourth International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness & Workshops, (1-7)
- Encheva S and Tumin S Authentication and authorization user management within a collaborative community Proceedings of the 11th WSEAS International Conference on Computers, (565-570)
- Murthy R and Sedlar E Flexible and efficient access control in oracle Proceedings of the 2007 ACM SIGMOD international conference on Management of data, (973-980)
- Keromytis A and Smith J (2007). Requirements for scalable access control and security management architectures, ACM Transactions on Internet Technology, 7:2, (8-es), Online publication date: 1-May-2007.
- Li N, Tripunitara M and Bizri Z (2007). On mutually exclusive roles and separation-of-duty, ACM Transactions on Information and System Security, 10:2, (5-es), Online publication date: 1-May-2007.
- Dekker M, Cederquist J, Crampton J and Etalle S Extended privilege inheritance in RBAC Proceedings of the 2nd ACM symposium on Information, computer and communications security, (383-385)
- Hung P, Chiu D, Fung W, Cheung W, Wong R, Choi S, Kafeza E, Kwok J, Pun J and Cheng V (2007). End-to-end privacy control in service outsourcing of human intensive processes, Information Systems Frontiers, 9:1, (85-101), Online publication date: 1-Mar-2007.
- Liu C, Billard A, Ozols M and Jeremic N Access control models and security labelling Proceedings of the thirtieth Australasian conference on Computer science - Volume 62, (181-190)
- Tadj C and Ngantchaha G Context handling in a pervasive computing system framework Proceedings of the 3rd international conference on Mobile technology, applications & systems, (13-es)
- Kim D, Mehta P and Gokhale P Describing access control models as design patterns using roles Proceedings of the 2006 conference on Pattern languages of programs, (1-10)
- Agudo I, Lopez J and Montenegro J Attribute delegation based on ontologies and context information Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security, (54-66)
- Jeon J and Yoo K Cellular automata based role-delegation in RBAC Proceedings of the 7th international conference on Cellular Automata for Research and Industry, (588-594)
- Corradini A, Heindel T, Hermann F and König B Sesqui-pushout rewriting Proceedings of the Third international conference on Graph Transformations, (30-45)
- Park S, Han Y and Chung T Context-Role based access control for context-aware application Proceedings of the Second international conference on High Performance Computing and Communications, (572-580)
- Thion R and Coulondre S Representation and reasoning on role-based access control policies with conceptual graphs Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application, (427-440)
- Jagadeesan R, Jeffrey A, Pitcher C and Riely J λ-RBAC Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II, (456-467)
- Schaad A, Lotz V and Sohr K A model-checking approach to analysing organisational controls in a loan origination process Proceedings of the eleventh ACM symposium on Access control models and technologies, (139-149)
- Chen H and Li N Constraint generation for separation of duty Proceedings of the eleventh ACM symposium on Access control models and technologies, (130-138)
- Encheva S and Tumin S Sharing protected web resources using distributed role-based modeling Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development, (532-543)
- Moon C, Paik W, Kim Y and Kwon J The conflict detection between permission assignment constraints in role-based access control Proceedings of the First SKLOIS conference on Information Security and Cryptology, (265-278)
- Shehab M, Bertino E and Ghafoor A Secure collaboration in mediator-free environments Proceedings of the 12th ACM conference on Computer and communications security, (58-67)
- Kim A, Luo J and Kang M Security ontology for annotating resources Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, COA, and ODBASE - Volume Part II, (1483-1499)
- Weber B, Reichert M, Wild W and Rinderle S Balancing flexibility and security in adaptive process management systems Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I, (59-76)
- Rinderle S and Reichert M On the controlled evolution of access rules in cooperative information systems Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I, (238-255)
- Balbiani P and Cheikh F Safety problems in access control with temporal constraints Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security, (165-178)
- Balbiani P Access Control with Uncertain Surveillance Proceedings of the 2005 IEEE/WIC/ACM International Conference on Web Intelligence, (778-781)
- Sohr K, Ahn G, Gogolla M and Migge L Specification and validation of authorisation constraints using UML and OCL Proceedings of the 10th European conference on Research in Computer Security, (64-79)
- Hung P, Chiu D, Fung W, Cheung W, Wong R, Choi S, Kafeza E, Kwok J, Pun J and Cheng V Towards end-to-end privacy control in the outsourcing of marketing activities Proceedings of the 7th international conference on Electronic commerce, (454-461)
- Laborde R, Barrère F and Benzekri A A security management information model derivation framework Proceedings of the Third international conference on Formal Aspects in Security and Trust, (217-234)
- Lui R, Chow S, Hui L and Yiu S Role activation management in role based access control Proceedings of the 10th Australasian conference on Information Security and Privacy, (358-369)
- Sohr K, Ahn G and Migge L (2005). Articulating and enforcing authorisation policies with UML and OCL, ACM SIGSOFT Software Engineering Notes, 30:4, (1-7), Online publication date: 1-Jul-2005.
- Lui R, Hui L and Yiu S Secure role activation and authorization in the enterprise environment Proceedings of the Second European conference on Public Key Infrastructure, (22-35)
- Shehab M, Bertino E and Ghafoor A SERAT Proceedings of the tenth ACM symposium on Access control models and technologies, (159-167)
- Kern A and Walhorn C Rule support for role-based access control Proceedings of the tenth ACM symposium on Access control models and technologies, (130-138)
- Sohr K, Ahn G and Migge L Articulating and enforcing authorisation policies with UML and OCL Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications, (1-7)
- Fisler K, Krishnamurthi S, Meyerovich L and Tschantz M Verification and change-impact analysis of access-control policies Proceedings of the 27th international conference on Software engineering, (196-205)
- Park S and Kwon G Verification of UML-Based security policy model Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III, (973-982)
- Bertino E and Sandhu R (2005). Database Security-Concepts, Approaches, and Challenges, IEEE Transactions on Dependable and Secure Computing, 2:1, (2-19), Online publication date: 1-Jan-2005.
- Crampton J Applying hierarchical and role-based access control to XML documents Proceedings of the 2004 workshop on Secure web service, (37-46)
- Li N, Bizri Z and Tripunitara M On mutually-exclusive roles and separation of duty Proceedings of the 11th ACM conference on Computer and communications security, (42-51)
- Moon C and In H Inconsistency detection of authorization policies in distributed component environment Proceedings of the 5th international conference on Information Security Applications, (39-50)
- Kern A, Kuhlmann M, Kuropka R and Ruthert A A meta model for authorisations in application security systems and their integration into RBAC administration Proceedings of the ninth ACM symposium on Access control models and technologies, (87-96)
- Mont M, Harrison K and Sadler M The HP time vault service Proceedings of the 12th international conference on World Wide Web, (160-169)
Recommendations
Role-Based Access Control Models
Since the 1970s, computer systems have featured multiple applications and served multiple users, leading to heightened awareness of data security issues. System administrators and software developers focused on different kinds of access control to ...
Delegation in role-based access control
User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...