Learn More
This article introduces a family of reference models for role-based access control RBAC in which permissions are associated with roles, and users are made members of appropriate roles. This greatly simpliies management of permissions. Roles are closely related to the concept of user groups in access control. However, a role brings together a set of users on(More)
In role-based access control (RBAC), permissions are associated with roles' and users are made members of roles, thereby acquiring the roles; permissions. RBAC's motivation is to simplify administration of authorizations. An appealing possibility is to use RBAC itself to manage RBAC, to further provide administrative convenience and scalability, especially(More)
Recently there has been considerable interest in role-based access control RBAC as an alternative, and supplement, to the traditional discretionary and mandatory access controls DAC and MAC embodied in the Orange Book. The roots of RBAC can be traced back to the earliest access control systems. Roles have been used in a number of systems for segregating(More)
The features of role-based access control (RBAC) considered desirable were discussed at the workshop during a group exercise. One of the results of the exercise was the realization that the desirability of RBAC features was related to the point of view of the individual making an evaluation. For example, the following types of individuals would probably(More)
  • 1