- 1.Role-Based Access Control Protection Profile, Common Criteria, July 30, 1998Google Scholar
- 2.Decentralized Group Hierarchies in UNIX: An Experiment and Lessons Learned, R. Sandhu & G Ahn, In Proceedings of 21st NIST-NCSC National Information Systems Security Conference, pages 486-502Google Scholar
- 3.Role-Based Access Control (RBAC): Features and Motivations, David Ferraiolo et al., Computer Security Applications Conference, 1995Google Scholar
- 4.A Role Based Access Control Model and Reference Implementation within a Corporate Internet. David E Ferraiolo, John F. Barkley, and D. Richard Kuhn, ACM Transactions on Information Systems Security, Volume 1, Number 2, February 1999, National Institute of Standards and Technology Google ScholarDigital Library
- 5.Role-Based Access Control In Commercial Database Management Systems, D.F and D.R. Kuhn, In Proceedings of 21st NIST-NCSC National Information Systems Security Conference, pages 503-511Google Scholar
- 6.Java Authentication and Authorization Service, http:I/java.sun.com/security/jaas, April 13, 1999.Google Scholar
- 7.Specifying and Managing Role-Based Access Control within a Corporate Intranet, Ferraiolo, Barkley, 1997, Second ACM Workshop on Role-Based Access Control, 1997 Google ScholarDigital Library
- 8.X/Open Single Sign-on Service (XSSO) - Pluggable Authentication Modules, August 5, 1998Google Scholar
- 9.Inheritance Properties of Role Hierarchies, W. Jansen, In Proceedings of 21st NIST-NCSC National information Systems Security Conference, pages 476-485.Google Scholar
Index Terms
- RBAC in UNIX administration
Recommendations
Runtime Administration of an RBAC Profile for XACML
The eXtensible Access Control Markup Language (XACML) is the de facto language to specify access control policies for web services. XACML has an RBAC profile (XACML-RBAC) to support role-based access control policies. We extend this profile with an ...
Towards Session-Aware RBAC Administration and Enforcement with XACML
POLICY '09: Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and NetworksAn administrative role-based access control (ARBAC) model specifies administrative policies over a role-based access control(RBAC) system, where an administrative permission may change an RBAC policy by updating permissions assigned to roles, or ...
Comments