Role-Based Access Control Models

  title={Role-Based Access Control Models},
  author={Ravi S. Sandhu and Edward J. Coyne and Hal L. Feinstein and Charles E. Youman},
Security administration of large systems is complex, but it can be simplified by a role-based access control approach. This article explains why RBAC is receiving renewed attention as a method of security administration and review, describes a framework of four reference models developed to better understand RBAC and categorizes different implementations, and discusses the use of RBAC to manage itself. 

A New Role-based Access Control Model

This paper analyzes the drawback of role-based access control model that is onerous secure maintenance costs in the systems which have a large amount of highly updating frequently information and proposes a new model―-ARBAC that can effectively overcome the drawback.

RBAC Model for SCADA

This paper focuses on recommending the usage of the Role-Based Access Control (RBAC) model to define the users’ security roles, permissions, authorization, and role hierarchy to access the SCADA

An Extended Access Control Model Based on Role and Department

This a new access control model DRBAC based on role and department is proposed, which extends the traditional role-based access control (RBAC) model. The new model adds the abstraction of the

A Flexible Applicable RBAC Model and Its Administration

This paper analyzes the existing access control models and proposes an improved role-based access control model and its administration with practical experience to handle with the user privilege assignment relation flexibly.

Process-based Access Control Model

This paper introduces an access control mechanism called PBAC(process-based access control),which models from the active process,based on the access control model of current operating

Extended role-based access control model for enterprise systems and web services

This thesis intends to develop application-level access control models to address several major security issues in enterprise environments. The first goal is to provide simple and efficient

Extended Role-Based Security System Using Context Information

  • Xun LiS. Yoo
  • Computer Science
    2008 Second International Conference on Future Generation Communication and Networking
  • 2008
The core RBAC model is extended with a general expression of context information and context rules that have ability to dynamically generate temporal roles are included in order to enhance system flexibility.

Database Security Integration using Role-Based Access Control

This research shows how the access control information of existing systems can be mapped to a role graph and, when two systems are being integrated, their role graphs can also be integrated.

Rights Management for Role-Based Access Control

The Role Based Access Control model with exceptions, context awareness, and delegation is extended with common notions from the field of Enterprise/Digital Rights Management to obtain a framework for controlling shared information in a distributed environment.

A framework for implementing role-based access control using CORBA security service

The paper shows how role-based access control (RBAC) models could be implemented using CORBA security service and describes what is required from an implementation of CORBA Security service in order to support RBAC0RBAC3 models.



Access Rights Administration in Role-Based Security Systems

The role graph model, its operator semantics based on graph theory and algorithms for role administration are proposed and it is shown how the model simulates other organizational structures such as hierarchies and privilege graphs.

Lattice-based access control models

A balanced perspective on lattice-based access control models is provided and information flow policies, the military lattice,Access control models, the Bell-LaPadula model, the Biba model and duality, and the Chinese Wall lattice are reviewed.

Conceptual foundations for a model of task-based authorizations

We describe conceptual foundations to address integrity issues in computerized information systems from the enterprise perspective. The motivation for this effort stems from the recognition that

The typed access matrix model

  • R. Sandhu
  • Computer Science
    Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1992
The results establish that strong typing is crucial to achieving a useful demarcation between decidable and undecidable safety, and ternary monotonic commands are critical for tractable safety analysis.

Extending Access Control with Duties - Realized by Active Mechanisms

Extending access controls with duties|realized by active mecha- nisms

  • Database Security VI: Status and Prospects,
  • 1993