Learn More
This article introduces a family of reference models for role-based access control RBAC in which permissions are associated with roles, and users are made members of appropriate roles. This greatly simpliies management of permissions. Roles are closely related to the concept of user groups in access control. However, a role brings together a set of users on(More)
In role-based access control (RBAC), permissions are associated with roles' and users are made members of roles, thereby acquiring the roles; permissions. RBAC's motivation is to simplify administration of authorizations. An appealing possibility is to use RBAC itself to manage RBAC, to further provide administrative convenience and scalability, especially(More)
Recently there has been considerable interest in role-based access control RBAC as an alternative, and supplement, to the traditional discretionary and mandatory access controls DAC and MAC embodied in the Orange Book. The roots of RBAC can be traced back to the earliest access control systems. Roles have been used in a number of systems for segregating(More)
This chapter examines the state of modern intrusion detection, with a particular emphasis on the emerging approach of data mining. The discussion parallels two important aspects of intrusion detection: general detection strategy (misuse detection versus anomaly detection) and data source (individual hosts versus network traffic). Misuse detection attempts(More)
This material is based upon work supported by the Department of Commerce under contract number 50-DKNB-5-00188. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the Department of Commerce. There is a recognized need for a more robust method of(More)
Since as the internet and web application emerges security is the most challenging issue which we are facing, leads possibility of being easily damaged. Currently we based application structure is designed only by considering little security but avoid Performance issue. After the detailed study of web services architecture it is analyzed that it is not(More)
all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage; the copyright notice, the title of the publication, and its date appear; and notice is given that copying is by permission of ACM, Inc. To copy otherwise, to republish, to post on servers, or to(More)
The features of role-based access control (RBAC) considered desirable were discussed at the workshop during a group exercise. One of the results of the exercise was the realization that the desirability of RBAC features was related to the point of view of the individual making an evaluation. For example, the following types of individuals would probably(More)
  • 1