- GD72.G.S. Graham and P.j. Denning. Protection - principles and practice. In AFIPS Spring Joint Computer Conference, pages 40:417- 429, 1972.Google Scholar
- HRU76.M.H. Harrison, W.L. Ruzzo, and J.D. Ullman. Protection in operating systems. Communications of the A CM, 19(8):461-471, 1976. Google ScholarDigital Library
- Lam71.B.W. Lampson. Protection. In 5th Princeton Symposium on information Science and Systems, pages 437-443, 1971. Reprinted in A CM Operating Systems Review 8(1):18-24, 1974. Google ScholarDigital Library
- NO96.Matunda Nyanchama and Sylvia Osborn. Modeling mandatory access control in rolebased security systems. In Database Security VIII: Status and Prospects. Chapman-Hall, 1996. Google ScholarDigital Library
- San88.Ravi S. Sandh~l. The schematic protection model: Its definition and analysis for acyclic attenuating schemes. Journal o} the A CM, 35(2):404-432, April 1988. Google ScholarDigital Library
- San92.Ravi S. Sandhu. The typed access matrix model. In Proceedings o} IEEE Symposium on Research in Security and Privacy, pages 122-136, Oakland~ CA, May 1992. Google ScholarDigital Library
- San93.Ravi S. Sandhu. Lattice-based access control models. IEEE Computer, 26(11):9-19, November 1993. Google ScholarDigital Library
- San96.Ravi S. Saudhu. Role hierarchies and constraints for lattice-based access controls. In Elisa Bertino, editor, Proc. Fourth European Symposium on Research in Computer Security. Springer-Verlag, Rome, Italy, 1996. Published as Lecture Notes in Computer Science, Computer Security-ESORICS96. Google ScholarDigital Library
- San97.Ravi Sandhu. Rationale for the RBAC96 family of access control models. In Proceedings of the 1st A CM Workshop on Role- Based Access Control. ACM, 1997. Google ScholarDigital Library
- SCFY96.Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. Rolebased access control models. IEEE Computer, 29(2):38-47, February 1996. Google ScholarDigital Library
- SS94.Ravi Sandhu and Pierangela Samarati. Access control: Principles and practice. IEEE Communications, 32(9):40-48, 1994.Google ScholarDigital Library
- SS97.Ravi S. Sandhu and Pieran~ela Samarati. Authentication, access control and intrusion detection. In Allen B. Tucker, editor, The Computer Science and Engineering Handbook, pages 1929-1948. CRC Press, 1997.Google Scholar
Index Terms
- How to do discretionary access control using roles
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Discretionary access control with the administrative role graph model
SACMAT '07: Proceedings of the 12th ACM symposium on Access control models and technologiesPrevious research examining the mapping of discretionary access control (DAC) to role-based access control (RBAC) has considered neither ownership nor further granting of privileges. We show how to accomplish this by mapping from a relational database ...
Homonymous role in role-based discretionary access control
The access control model is a core aspect of trusted information systems. Based on the role based access control (RBAC) model, we put forward the concept of the homonymous role, which extends the role control categories in RBAC, balances the control ...
Comments