S
Serban I. Gavrila
Researcher at National Institute of Standards and Technology
Publications - 38
Citations - 3893
Serban I. Gavrila is an academic researcher from National Institute of Standards and Technology. The author has contributed to research in topics: Access control & Role-based access control. The author has an hindex of 15, co-authored 38 publications receiving 3801 citations.
Papers
More filters
Journal ArticleDOI
Proposed NIST standard for role-based access control
TL;DR: Although RBAC continues to evolve as users, researchers, and vendors gain experience with its application, the features and components proposed in this standard represent a fundamental and stable set of mechanisms that may be enhanced by developers in further meeting the needs of their customers.
Proceedings ArticleDOI
On the formal definition of separation-of-duty policies and their composition
TL;DR: It is concluded that the practical implementation of SoD policies requires new methods and tools for security administration, even within applications that already support RBAC, such as most database management systems.
Patent
Method for automatic permission management in role-based access control systems
TL;DR: Role-based access control (RBAC) as mentioned in this paper is a method for automatic permission management in centralized and distributed operating systems using role based access control that supports selective and multiple instantiations of roles, multiple inheritance of permission and membership, and provides scalable and efficient distribution, review and revocation of permissions and access authorization.
Proceedings ArticleDOI
Formal specification for role based access control user/role and role/role relationship management
Serban I. Gavrila,John Barkley +1 more
TL;DR: The paper defines the semantics of Admin Tool operations, and shows that, given a consistent RBAC Database and an operation which meets specified conditions, theRBAC Database remains consistent after the operation is performed.
ReportDOI
Picture Password: A Visual Login Technique for Mobile Devices
TL;DR: Picture Password is described, a general-purpose mechanism for authenticating a user to a PDA using a visual login technique called Picture Password, which overcome a number of problems with knowledge-based authentication for handheld devices.