Open Access Book
Role-based access control
TL;DR: This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers the very latest details on this sophisticated security model aimed at reducing the cost and complexity of security administration for large networked applications.
Abstract:
This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition provides more comprehensive and updated coverage of access control models, new RBAC standards, new in-depth case studies and discussions on role engineering and the design of role-based systems. The book shows you how RBAC simplifies security administration by using roles, hierarchies, and constraints to manage the review and control of organizational privileges. Moreover, it explains how RBAC makes it possible to specify many types of enterprise security policies. This unique resource covers all facets of RBAC, from its solid model-theoretic foundations to its implementation within commercial products. You learn how to use RBAC to emulate other access control models and find frameworks and tools for administering RBAC. Research prototypes that have incorporated RBAC into various classes of software like WFMS, Web server, OS (Unix) and Java (JEE) are reviewed. Products implementing RBAC features such as relational DBMS and Enterprise Security Administration (ESA) systems are described to serve as a guide to the state of practice of RBAC.
Citations
Journal Article
Social serendipity: mobilizing social software
Nathan Eagle, Alex Pentland
TL;DR: Serendipity is a new mobile-phone-based system that combines the existing communications infrastructure with online introduction systems' functionality to facilitate interactions between physically proximate people through a centralized server.
Journal Article
Database security - concepts, approaches, and challenges
Elisa Bertino, Ravi Sandhu
TL;DR: The most relevant concepts underlying the notion of database security are surveyed and the most well-known techniques are summarized, and access control systems are described, namely, the discretionary and mandatory access control models, and the role-based access control (RBAC) model.
Journal Article
Dynamic and Efficient Key Management for Access Hierarchies
TL;DR: The security of the scheme is based on pseudorandom functions, without reliance on the Random Oracle Model, and it is shown how to handle extensions proposed by Crampton [2003] of the standard hierarchies to “limited depth” and reverse inheritance.
Proceedings Article
Verification and change-impact analysis of access-control policies
TL;DR: Margrave is presented, a software suite for analyzing role-based access-control policies that includes a verifier that analyzes policies written in the XACML language, translating them into a form of decision-diagram to answer queries and provides semantic differencing information between versions of policies.
Journal Article
Information security and privacy in healthcare: current state of research
Ajit Appari, M. Eric Johnson
TL;DR: A holistic view of the recent research on information security and privacy in healthcare is provided and new areas of interest are suggested to the information systems community.
References
Proceedings Article
A Comparison of Commercial and Military Computer Security Policies
David D. Clark, David R. Wilson
TL;DR: It is argued that a lattice model is not sufficient to characterize integrity policies, and that distinct mechanisms are needed to control disclosure and to provide integrity.