Academic
Publications
Configuring role-based access control to enforce mandatory and discretionary access control policies

Configuring role-based access control to enforce mandatory and discretionary access control policies,10.1145/354876.354878,ACM Transactions on Informa

Configuring role-based access control to enforce mandatory and discretionary access control policies   (Citations: 262)
BibTex | RIS | RefWorks Download
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general enough to simulate the traditional methods. In this paper we provide systematic constructions for various common forms of both of the traditional access control paradigms using the role-based access control (RBAC) models of Sandhu et al., commonly called RBAC96. We see that all of the features of the RBAC96 model are required, and that although for the manatory access control simulation, only one administrative role needs to be assumed, for the discretionary access control simulations, a complex set of administrative roles is required.
Journal: ACM Transactions on Information and System Security - TISSEC , vol. 3, no. 2, pp. 85-106, 2000
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
Sort by: