Abstract
Role-based access control (RBAC) models have been introduced by several groups of researchers. We first introduce the basic components of the American National Standards Institute (ANSI) RBAC model and the role graph model; then we contrast some of the details of these two models. Some design guidelines for successful role hierarchy design are given. Finally, we discuss some issues in designing a role-based system when mandatory access control constraints must be satisfied.
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Osborn, S.L. (2007). Role-Based Access Control. In: Petković, M., Jonker, W. (eds) Security, Privacy, and Trust in Modern Data Management. Data-Centric Systems and Applications. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69861-6_5
DOI: https://doi.org/10.1007/978-3-540-69861-6_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69860-9
Online ISBN: 978-3-540-69861-6
eBook Packages: Computer Science, Computer Science (R0)