MetaCartSign in to MyCiteSeer

Include Citations | Advanced Search | Help

Include Citations | Advanced Search | Help

  Role Hierarchies and Constraints for Lattice-Based Access Controls (1996) [45 citations — 6 self]

Download:
Download as a PDF
by Ravi Sandhu
Proc. Fourth European Symposium on Research in Computer Security
http://www.list.gmu.edu/confrnc/esorics/pdf_ver/e96rbac.pdf
Add To MetaCart

Abstract:

Abstract Role-based access control (RBAC) is a promising alternative to traditional discretionary and mandatory access controls. In RBAC permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles ' permissions. In this paper we formally show that latticebased mandatory access controls can be enforced by appropriate con guration of RBAC components. Our constructions demonstrate that role hierarchies and constraints are required to effectively achieve this result. We show that variations of the lattice-based?-property, such as write-up (liberal?-property) and no-write-up (strict?-property), can be easily accommodated in RBAC. Our results attest to the exibility ofRBAC and its ability toaccommodate di erent policies by suitable con guration of role hierarchies and constraints. 1

Citations

633 Role-Based Access Control Models – Feinstein, Sandhu, et al. - 1996
284 Wilson:A Comparison of Commercial and Military Computer Security Policies – Clark, David - 1987
173 Role-Based Access Controls – Ferraiolo, Kuhn - 1992
96 Access Control: Principles and Practice – Sandhu, Samarati - 1994
26 Modeling Mandatory Access Control in Role-based Security Systems – Nyanchama, Osborn - 1996
25 Using mandatory integrity to enforce \commercial" security – Lee - 1988
16 Secure Computer Systems: A Network Interpretation – Bell - 1986
13 Using mandatory integrity to enforce "commercial" security – Lee - 1988
8 Implementing the Clark/Wilson integrity policy using current technology – Schockley - 1988
View or Download | Add to My Collection | Correct Errors