- Bal90.Robert W. Baldwin. Naming and grouping privileges to simplify security management in large database. In Proceedings of IEEE Symposium on Research in Security and privacy, pages 61-70, Oakland, CA, April 1990.Google ScholarCross Ref
- CS95.Fang Chen and Ravi Sandhu. Constraints for role based access control. In Proceedings of 1st A CM Workshop on Role-Based Access Control, pages 39-46, Gaithersburg, MD, November 1995. Google ScholarDigital Library
- CW87.D.D. Clark and D. R. Wilson. A comparision of commercial and military computer security plocies. In Proceedings of IEEE Symposium on Security and Privacy, pages 184- 194, April 1987.Google ScholarCross Ref
- FBK99.David F. Ferraiolo, John F. Barkley, and D. Richard Kuhn. A role based access control model and reference implementation within a corporate intranet. A CM Transactions on Information and Systems Security, 2(1):34-64, February 1999. Google ScholarDigital Library
- FCK95.David Ferraiolo, Janet Cugini, and Richard Kuhn. Role-based access control (RBAC): Features and motivations. In Proceedings of 11th Annual Computer Security Application Conference, pages 241-48, New Orleans, LA, December 11-15 1995.Google Scholar
- GGF98.Virgil D. Gligor, Serban I. Gavrila, and David Ferraiolo. On the formal definition of separation-of-duty policies and their composition. In Proceedings of IEEE Symposium on Research in Security and Privacy, pages 172-183, Oakland, CA, May 1998.Google ScholarCross Ref
- Kuh97.D. Richard Kuhn. Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems. In Proceedings of 2nd A CM Workshop on Role- Based Access Control, Fairfax, VA, October 1997. Google ScholarDigital Library
- NO99.Matunda Nyanchama and Sylvia Osborn. The role graph model and conflict of interest. A CM Transactions on Information and Systems Security, 2(1):3-33, February 1999. Google ScholarDigital Library
- NP90.M.N. Nash and K.R. Poland. Some conundrums concerning separation of duty. In Proceedings o/ IEEE Symposium on Security and Privacy, pages 201-207, Oakland, CA, May 1990.Google ScholarCross Ref
- San88.Ravi Sandhu. Transaction control expressions for separation of duties. In Proceedings of 4th Aerospace Computer Security Conference, pages 282-286, Orlando, FL, December 1988.Google ScholarCross Ref
- San93.Ravi S. Sandhu. Lattice-based access control models. IEEE Computer, 26(11):9-19, November 1993. Google ScholarDigital Library
- San96.Ravi S. Sandhu. Role hierarchies and constraints for lattice-based access controls. In Elisa Bertino, editor, Proc. Fourth European Symposium on Research in Computer Security. Springer-Verlag, Rome, Italy, 1996. Published as Lecture Notes in Computer Science, Computer Security-ESORICS96. Google ScholarDigital Library
- San97.Ravi Sandhu. Rationale for the RBAC96 family of access control models. In Proceedings of the 1st A CM Workshop on Role- Based Access Control. ACM, 1997. Google ScholarDigital Library
- SCFY96.Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. Rolebased access control models. IEEE Computer, 29(2):38-47, February 1996. Google ScholarDigital Library
- SZ97.R.T. Simon and M. E. Zurko. Separation of duty in role-based environments. In Proceedings of IEEE Computer Security Foundations Workshop, pages 183-194, Rockport, MA, December 1997. Google ScholarDigital Library
- TS94.Roshan Thomas and Ravi S. Sandhu. Conceptual foundations for a model of task-based authorizations. In Proceedings of IEEE Computer Security Foundations Workshop, pages 66-79, Franconia, NH, June 1994.Google ScholarCross Ref
Index Terms
- The RSL99 language for role-based separation of duty constraints
Recommendations
Role-based authorization constraints specification
Constraints are an important aspect of role-based access control (RBAC) and are often regarded as one of the principal motivations behind RBAC. Although the importance of contraints in RBAC has been recogni zed for a long time, they have not recieved ...
Dependencies and separation of duty constraints in GTRBAC
SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologiesA Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC's language constructs allow one to specify various temporal constraints on ...
Enforcement of separation of duty constraints in attribute-based access control
AbstractWhile the verification of separation of duty (SoD) constraints on attribute based access control (ABAC) systems has been defined and examined in existing works, it still remains an open problem since the existing approaches are either ...
Comments