SACMAT

Research in the area of role-based access control has made fast progress over the last few years. However, little has been done to identify and describe existing role-based access control systems within large organisations. This paper describes the ...

In the future, a largely invisible and ubiquitous computing infrastructure will assist people with a variety of activities in the home and at work. The applications that will be deployed in such systems will create and manipulate private information and ...

We discuss the integration of contextual information with team-based access control. The TMAC model was formulated by Thomas in [1] to provide access control for collaborative activity best accomplished by teams of users. In TMAC, access control ...

Java development kit 1.2 provides a runtime access control mechanism which inspects a control stack to examine whether the program has appropriate access permissions. Guaranteeing that each execution of a program with stack inspection satisfies required ...

The increased availability of tools and technologies to access and use the data has made more urgent the needs for data protection. Moreover, emerging applications and data models call for more flexible and expressive access control models. This has ...

Research on access control models was started in the 1960s and 1970s by the two thrusts of mandatory and discretionary access control. Mandatory access control (MAC) came from the military and national security arenas whereas discretionary access ...

The rapid growth of the Web and the ease with which data can be accessed facilitate the distribution and sharing of information. Information dissemination often takes the form of documents that are made available at Web servers, or that are actively ...

As more businesses engage in globalization, inter-organizational collaborative computing grows in importance. Since we cannot expect homogeneous computing environments in participating organizations, heterogeneity and Internet-based technology are ...

As Internet usage proliferates, resource security becomes both more important and more complex. Contemporary users and systems are ill-equipped to deal with the complex security demands of a ubiquitous, insecure network. The YGuard Access Control ...

This paper presents the access control mechanisms in Windows 2000 that enable fine-grained protection and centralized management. These mechanisms were added during the transition from Windows NT 4.0 to support the Active Directory, a new feature in ...

There are three major drawbacks of a centralized security administration in distributed systems: It creates a bottleneck for request handling, it tends to enforce homogeneous security structures in heterogeneous user groups and organizations, and it is ...

The specification of constraint languages for access control models has proven to be difficult but remains necessary for safety and for mandatory access control policies. While the authorisation relation $(Subject \times Object \rightarrow \pow Right)$ ...

A uniform and precise framework for the specification of access control policies is proposed. The uniform framework allows the detailed comparison of different policy models, the precise description of the evolution of a policy, and an accurate analysis ...

General access control models enable flexible expression of access control policies, but they make the verification of whether a particular access control configuration is safe (i.e., prevents the leakage of a permission to an unauthorized subject) ...

The question before the panel: Considering all factors (for example: quality of protection, performance, compatibility, ease of use), which operating system access control technique will provide the greatest overall benefit to users?

In current role-based systems, security officers handle assignments of users to roles. However, fully depending on this functionality may increase management efforts in a distributed environment because of the continuous involvement from security ...

This paper describes a structured approach to managing Role-permission relationships for implementing RBAC in large decentralized organizations. The paper begins by outlining the rationale behind this design followed by the description of its two main ...

OASIS is a role-based access control architecture for achieving secure interoperation of services in an open, distributed environment. Services define roles and implement formally specified policy for role activation and service use; users must present ...