[[TOC(Internal/Rbac, Internal/Rbac/OrbitRbacLevels, Internal/Rbac/OrbitRbacDesign, Internal/Rbac/OrbitRbacDesign/ThreatAnalysis, Internal/Rbac/OrbitRbacDesign/ResourcesRoles, Internal/Rbac/OrbitRbacDesign/ImplementationResearch, Internal/Rbac/OrbitRbacDesign/AuditingTools, Internal/Rbac/OrbitRbacDesign/ConsistencyChecking, Internal/Rbac/OrbitRbacDesign/NistRbacSoftware, Internal/Rbac/OrbitRbacDesign/SolarisRbac, Internal/Rbac/OrbitRbacDesign/OasisRbac, Internal/Rbac/OrbitRbacDesign/xoRbac, Internal/Rbac/OrbitRbacDesign/DesignByWiki, Internal/Rbac/OrbitRbacDesign/OpenIssues, Internal/Rbac/OrbitRbacDesign/WorkToDo, Internal/Rbac/LdapResources, Internal/Rbac/RbacResources)]] ==== Solaris RBAC Software ==== Not all ORBIT systems run Solaris. Too bad because Solaris 10 has RBAC built into it. Using it with ORBIT might be a challenge though. Faden describes the use of RBAC in Solaris UNIX Administration [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p95-faden.pdf Fad99]]. Ben Rockwood's blog entry [http://cuddletech.com/blog/pivot/entry.php?id=362 Using RBAC on (Open)Solaris] was posted 30 Sep '05. Sun's sites [http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs5r?a=view Databases that Support RBAC] and [http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs5s?a=view RBAC Commands] A Sun [http://www.sun.com/blueprints/ BluePrint] [http://www.sun.com/blueprints/0603/817-3062.pdf Role-Based Access Control and Secure Shell] and a Sun White Paper [http://www.sun.com/software/whitepapers/wp-rbac/wp-rbac.pdf RBAC in the Solaris Operating Environment] Three pages by Softpanorama (a 'slightly skeptical' Open Source Software Educational Society): [http://www.softpanorama.org/Solaris/Security/solaris_rbac.shtml Solaris 10 Role Based Access Control (RBAC)], [http://www.softpanorama.org/Access_control/role_engineering.shtml RBAC, SOX and Role Engineering in Large Organizations] and [http://www.softpanorama.org/Solaris/Security/solaris_privilege_sets.shtml#Privileges_and_RBAC Privileges and RBAC] Glenn Brunette's Security weblog's [http://blogs.sun.com/gbrunett/20050420 Enforcing a Two Man Rule Using Solaris 10 RBAC] posted April 30, 2005. Sawib Ali's e-mail [http://seclists.org/webappsec/2005/q3/0254.html FYI: RBAC for WebApps using LDAP] Hua and Osborn demonstrate that UNIX access control can be modeled with a role graph to enforce it or just to spot design flaws [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/hua98modeling.pdf HO98]]. Scott Fehrman's Using Sun Java System Identity Manager With RBAC Profiles in the Solaris OS was Sun Microsystem's The !BigAdmin System Administration Portal's Feature Article for August 2005 [[http://www.sun.com/bigadmin/features/articles/id_rbac.html Feh05]].