Changes between Version 33 and Version 34 of Internal/Rbac/RbacResources
- Timestamp: Sep 13, 2006, 6:20:38 PM
Internal/Rbac/RbacResources
v33 v34 73 73 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CACM_Accepted.pdf BBG06]] Rafae Bhatti, Elisa Bertino, and Arif Ghafoor. An Integrated Approach to Federated Identity and Privilege Management in Open Systems. ''Communications of the ACM'', 2006. Accepted for publication. 74 74 75 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01297300.pdf BBGJ04]] Rafae Bhatti, Elisa Bertino, Arif Ghafoor, and James B. D. Joshi. XML-Based Specification for Web Services Document Security. ''Computer'', 37(4):41--49, April 2004. 76 75 77 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p126-bertino.pdf BBS94]] Elisa Bertino, Claudio Bettini, and Pierangela Samarati. A Temporal Authorization Model. In ''CCS '94: Proceedings of the 2nd ACM Conference on Computer and communications security'', pages 126--135, New York, NY, USA, 1994. ACM Press. 76 78 … … 81 83 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p39-basin.pdf BDL06]] David Basin, Jürgen Doser, and Torsten Lodderstedt. Model Driven Security: From UML Models to Access Control Infrastructures. ''ACM Trans. Softw. Eng. Methodol.'', 15(1):39--91, 2006. 82 84 83 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/botha.pdf BE01]] Reinhardt A. Botha and Jan H. P. Eloff. Separation of Duties for Access Control Enforcement in Workflow Environments. ''IBM Syst. J.'', 40(3):666--682, 2001. 85 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/JP_006.pdf BE01a]] Reinhardt A. Botha and Jan H. P. Eloff. A Framework for Access Control in Workflow Systems. ''Information Management and Computer Security'', 9(3):126--133, 2001. 86 87 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/botha.pdf BE01b]] Reinhardt A. Botha and Jan H. P. Eloff. Separation of Duties for Access Control Enforcement in Workflow Environments. ''IBM Syst. J.'', 40(3):666--682, 2001. 
84 88 85 89 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/belokosztolszki03shielding.pdf BE03]] András Belokosztolszki and David Eyers. Shielding the OASIS RBAC Infrastructure from Cyberterrorism. In ''Research Directions in Data and Applications Security'', pages 3--14. Kluwer Academic Publishers, 2003. … … 91 95 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/belokosztolszki03policy.pdf BEWM03]] András Belokosztolszki, David M. Eyers, Wei Wang, and Ken Moody. Policy Storage for Role-Based Access Control Systems. In ''Proceedings of the Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE'03)'', pages 196--201, 2003. 92 96 97 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p65-bertino.pdf BFA99]] Elisa Bertino, Elena Ferrari, and Vijay Atluri. The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ''ACM Trans. Inf. Syst. Secur.'', 2(1):65--104, 1999. 98 93 99 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00502679.pdf BFL96]] Matt Blaze, Joan Feigenbaum, and Jack Lacy. Decentralized Trust Management. In ''Proceedings of the 1996 IEEE Symposium on Security and Privacy'', pages 164--173, Washington, DC, USA, May 1996. IEEE Computer Society. 94 100 … … 129 135 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p77-burrow.pdf Bur04]] Andrew Lincoln Burrow. Negotiating Access within Wiki: A System to Construct and Maintain a Taxonomy of Access Rules. In ''HYPERTEXT '04: Proceedings of the Fifteenth ACM Conference on Hypertext and Hypermedia'', pages 77--86, New York, NY, USA, 2004. ACM Press. 130 136 137 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00596810.pdf BV97]] Yun Bai and Vijay Varadharajan. A Logic for State Transformations in Authorization Policies. 
In ''CSFW '97: Proceedings of the 10th Computer Security Foundations Workshop (CSFW '97)'', page 173, Washington, DC, USA, 1997. IEEE Computer Society. 138 131 139 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fmics_03.pdf BW03]] Achim D. Brucker and Burkhart Wolff. A Case Study of a Formalized Security Architecture. In ''Electr. Notes Theor. Comput. Sci., FMICS'03: Eighth International Workshop on Formal Methods for Industrial Critical Systems'', volume 80, pages 1--17, Netherlands, June 2003. Elsevier Science B. V. 132 140 133 141 [[http://www.amazon.com/gp/product/1565924916/ Car03]] Gerald Carter. ''LDAP System Administration''. O'Reilly Media, Inc., Sebastopol, CA, USA, March 2003. 134 142 143 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/IC_003.pdf CBE00]] Damian G. Cholewka, Reinhardt A. Botha, and Jan H. P. Eloff. A Context-Sensitive Access Control Model and Prototype Implementation. In ''Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures'', pages 341--350, Deventer, The Netherlands, The Netherlands, 2000. Kluwer, B.V. 144 135 145 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ACM_XML_Paper_Final.pdf Cha00]] Ramaswamy Chandramouli. Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks. In ''RBAC '00: Proceedings of the Fifth ACM Workshop on Role-Based Access Control'', pages 11--18, New York, NY, USA, 2000. ACM Press. 136 146 … … 167 177 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p49-chakraborty.pdf CR06]] Sudip Chakraborty and Indrajit Ray. TrustBAC: Integrating Trust Relationships into the RBAC Model for Access Control in Open Systems. In ''SACMAT '06: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies'', pages 49--58, New York, NY, USA, 2006. ACM Press. 
168 178 179 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p145-crampton.pdf Cra02]] Jason Crampton. Administrative scope and role hierarchy operations. In ''SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies'', pages 145--154, New York, NY, USA, 2002. ACM Press. 180 169 181 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p85-crampton.pdf Cra03a]] Jason Crampton. On Permissions, Inheritance and Role Hierarchies. In ''CCS '03: Proceedings of the 10th ACM Conference on Computer and Communications Security'', pages 85--92, New York, NY, USA, 2003. ACM Press. 170 182 … … 185 197 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01357945.pdf DBTS04]] Michael Drouineaud, Maksym Bortin, Paolo Torrini, and Karsten Sohr. A first step towards formal verification of security policy properties for RBAC. In ''QSIC '04: Proceedings of the Fourth International Conference on Quality Software'', pages 60--67, Washington, DC, USA, 2004. IEEE Computer Society. 186 198 199 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p59-damiani.pdf DDPS00]] Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. Design and Implementation of an Access Control Processor for XML Documents. ''Computer Networks'', 33:59--75, 2000. 200 187 201 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/tcsec-dod85.pdf Def85]] Department of Defense. ''Department of Defense Trusted Computer System Evaluation Criteria''. United States Government Printing Office, December 1985. DOD 5200.28-STD (The Orange Book). 188 202 … … 207 221 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p95-faden.pdf Fad99]] Glenn Faden. RBAC in UNIX Administration. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control'', pages 95--101, New York, NY, USA, 1999. ACM Press. 
208 222 223 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p77-ferraiolo.pdf FB97]] David Ferraiolo and John Barkley. Specifying and Managing Role-Based Access Control Within a Corporate Intranet. In ''RBAC '97: Proceedings of the second ACM workshop on Role-based access control'', pages 77--82, New York, NY, USA, 1997. ACM Press. 224 209 225 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p34-ferraiolo.pdf FBK99]] David F. Ferraiolo, John F. Barkley, and D. Richard Kuhn. A Role-Based Access Control Model and Reference Implementation Within a Corporate Intranet. ''ACM Transactions on Information and System Security'', 2(1):34--64, 1999. 210 226 … … 243 259 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2957.pdf GC04]] Jeroen van de Graaf and Osvaldo Carvalho. Reflecting on X.509 and LDAP or How Separating Identity and Attributes Could Simplify a PKI. In ''Fourth Workshop em Segurança de Sistemas Computacionais WSEG2004''. UFMG, 2004. 244 260 261 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00630829.pdf GDS97]] Mats Gustafsson, Benoit Deligny, and Nahid Shahmehri. Using NFS to Implement Role-Based Access Control. In ''WET-ICE '97: Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises'', pages 299--304, Washington, DC, USA, 1997. IEEE Computer Society. 262 245 263 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/gao-etal-2004.pdf GDYE04]] Shu Gao, Yi Deng, Huiqin Yu, Xudong He, Konstanin Beznosov, and Kendra Cooper. Applying Aspect-Orientation in Designing Security Systems: A Case Study. In ''Proceedings of the Sixteenth International Conference on Software Engineering and Knowledge Engineering'', 2004. 246 264 247 265 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00674833.pdf GGF98]] Virgi D. Gligor, Serban I. Gavrila, and David Ferraiolo. 
On the Formal Definition of Separation-of-Duty Policies and Their Composition. In ''Proceedings of the 19th IEEE Computer Society Symposium on Research in Security and Privacy'', pages 1--12, Washington, DC, USA, May 1998. IEEE Computer Society. 248 266 267 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00503698.pdf GI96]] Luigi Giuri and Pietro Iglio. A Formal Model for Role-Based Access Control with Constraints. In ''Proceedings of the 9th IEEE Computer Security Foundations Workshop'', pages 136--145, Washington, DC, USA, June 1996. IEEE Computer Society. 268 249 269 [[http://digitalbusinessstrategy.com/?p=48 Gif06]] Bob Gifford. My RBAC Heresy. ''Digital Business Strategy'', June 2006. 250 270 … … 263 283 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/weiguan.pdf Gua06]] Wei Guan. Improvement on role based access control model. Technical report, Information Retrieval Lab of IIT, 2006. 264 284 285 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p83-huang.pdf HA99]] Wei-Kuang Huang and Vijayalakshmi Atluri. SecureFlow: A Secure Web-Enabled Workflow Management System. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control'', pages 83--94, New York, NY, USA, 1999. ACM Press. 286 265 287 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/STAT_RBAC_Paper.pdf Har06]] Harris Corp. Role-Based Access Control In Network Vulnerability Management. Technical report, Harris Corp., March 2006. 266 288 289 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/hallyn.pdf HK00]] Serge E. Hallyn and Phil Kearns. Domain and Type Enforcement for Linux. In ''Proceedings of the 4th Annual Linux Showcase and Conference'', pages 247--260. The USENIX Association, October 2000. 290 267 291 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01636184.pdf HKF06]] Vincent C. Hu, D. Richard Kuhn, and David F. Ferraiolo. 
The Computational Complexity of Enforceability Validation for Generic Access Control Rules. In ''IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06)'', volume 1, pages 260--267, Los Alamitos, CA, USA, 2006. IEEE Computer Society. 268 292 293 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00848442.pdf HMME00]] Amir Herzberg, Yosi Mass, Joris Michaeli, Yiftach Ravid, and Dalit Naor. Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers. In ''SP '00: Proceedings of the 2000 IEEE Symposium on Security and Privacy'', page 2, Washington, DC, USA, 2000. IEEE Computer Society. 294 269 295 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/hua98modeling.pdf HO98]] Lingling Hua and Sylvia Osborn. Modeling UNIX Access Control with a Role Graph. In ''Proceedings of 1998 International Conference on Computers and Information'', June 1998. 270 296 … … 281 307 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00902348.pdf HV00]] M. Hitchens and V. Varadharajan. Design and specification of role based access control policies. ''IEE Proceedings on Software'', 147(4):117--129, August 2000. 282 308 309 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/95948X509A4.pdf ISO93]] ISO/IEC. ITU-T Rec. x.509 (1993E), Information technology -- Open Systems Interconnection -- The Directory: Authentication Framework. Technical Report Recommendation X.509 ISO/IEC 9594-8, ISO/IEC, 1993. 95948X509A4.ps. 310 283 311 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/c021573_ISO_IEC_13568_2002E.pdf ISO02]] ISO/IEC. Information Technology - Z Formal Specification Notation - Syntax, Type System and Semantics. Technical Report 13568:2002, ISO/IEC, July 2002. International Standard. 284 312 285 313 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p33-jaeger.pdf Jae99]] Trent Jaeger. On the Increasing Importance of Constraints. 
In ''RBAC '99: Proceedings of the fourth ACM workshop on Role-based access control'', pages 33--42, New York, NY, USA, 1999. ACM Press. 286 314 315 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p38-joshi.pdf JAGS01]] James B. D. Joshi, Walid G. Aref, Arif Ghafoor, and Eugene H. Spafford. Security Models for Web-Based Applications. ''Commun. ACM'', 44(2):38--44, 2001. 316 287 317 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/jansen98revised.pdf Jan98]] W. A. Jansen. A Revised Model for Role-Based Access Control. IR 6192, NIST, July 1998. 288 318 … … 291 321 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01355921.pdf JBBG04]] James B. D. Joshi, Rafae Bhatti, Elisa Bertino, and Arif Ghafoor. Access-Control Language for Multidomain Environments. ''IEEE Internet Computing'', 8(6):40--50, 2004. 292 322 323 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p74-joshi.pdf JBG02]] James B D Joshi, Elisa Bertino, and Arif Ghafoor. Temporal Hierarchies and Inheritance Semantics for GTRBAC. In ''SACMAT '02: Proceedings of the Seventh ACM symposium on Access Control Models and Technologies'', pages 74--83, New York, NY, USA, 2002. ACM Press. 324 293 325 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01453534.pdf JBG05]] James B. D. Joshi, Elisa Bertino, and Arif Ghafoor. An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model. ''IEEE Transactions on Dependable and Secure Computing'', 2(2):157--175, 2005. 294 326 … … 297 329 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p51-joshi.pdf JSGB03]] James B. D. Joshi, Basit Shafiq, Arif Ghafoor, and Elisa Bertino. Dependencies and Separation of Duty Constraints in GTRBAC. In ''SACMAT '03: Proceedings of the Eighth ACM symposium on Access Control Models and Technologies'', pages 51--64, New York, NY, USA, 2003. ACM Press. 
298 330 331 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00601312.pdf JSS97]] Sushil Jajodia, Pierangela Samarati, and V. S. Subrahmanian. A Logical Language for Expressing Authorizations. In ''SP '97: Proceedings of the 1997 IEEE Symposium on Security and Privacy'', page 31, Washington, DC, USA, 1997. IEEE Computer Society. 332 299 333 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p65-jaeger.pdf JT00]] Trent Jaeger and Jonathon E. Tidswell. Rebuttal to the NIST RBAC Model Proposal. In ''RBAC '00: Proceedings of the Fifth ACM Workshop on Role-Based Access Control'', pages 65--66, New York, NY, USA, 2000. ACM Press. 300 334 301 335 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p158-jaeger.pdf JT01]] Trent Jaeger and Jonathon E. Tidswell. Practical Safety in Flexible Access Control Models. ''ACM Trans. Inf. Syst. Secur.'', 4(2):158--190, 2001. 302 336 337 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00856939.pdf Kar00]] Guenter Karjoth. An Operational Semantics of Java 2 Access Control. In ''CSFW '00: Proceedings of the 13th IEEE Computer Security Foundations Workshop (CSFW'00)'', page 224, Washington, DC, USA, 2000. IEEE Computer Society. 338 303 339 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p29-kane.pdf KB06]] Kevin Kane and James C. Browne. On Classifying Access Control Implementations for Distributed Systems. In ''SACMAT '06: Proceedings of the Eleventh ACM symposium on Access Control Models and Technologies'', pages 29--38, New York, NY, USA, 2006. ACM Press. 304 340 … … 307 343 [[http://www.networkworld.com/newsletters/dir/2005/0207id1.html Kea05]] Dave Kearns. Rules and policies vs. actual practice - Network World. ''Network World'', February 2005. 308 344 345 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01176305.pdf Ker02]] Axel Kern. Advanced Features for Enterprise-Wide Role-Based Access Control. 
In ''ACSAC '02: Proceedings of the 18th Annual Computer Security Applications Conference'', page 333, Washington, DC, USA, 2002. IEEE Computer Society. 346 347 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p53-kumar.pdf KKC02]] Arun Kumar, Neeran Karnik, and Girish Chafle. Context Sensitivity in Role-Based Access Control. ''SIGOPS Oper. Syst. Rev.'', 36(3):53--66, 2002. 348 309 349 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p87-kern.pdf KKKR04]] Axel Kern, Martin Kuhlmann, Rainer Kuropka, and Andreas Ruthert. A Meta Model for Authorisations in Application Security Systems and Their Integration into RBAC Administration. In ''SACMAT '04: Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies'', pages 87--96, New York, NY, USA, 2004. ACM Press. 310 350 … … 315 355 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p97-koch.pdf KMPP04]] M. Koch, L. V. Mancini, and F. Parisi-Presicce. Administrative Scope in the Graph-Based Framework. In ''SACMAT '04: Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies'', pages 97--104, New York, NY, USA, 2004. ACM Press. 316 356 357 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p66-kang.pdf KPF01]] Myong H. Kang, Joon S. Park, and Judith N. Froscher. Access Control Mechanisms for Inter-organizational Workflow. In ''SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies'', pages 66--74, New York, NY, USA, 2001. ACM Press. 358 317 359 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/kandala02secure.pdf KS02]] Savith Kandala and Ravi S. Sandhu. Secure Role-Based Workflow Models. In ''DAS'01: Proceedings of the Fifteenth Annual Working Conference on Database and Application Security'', pages 45--58, Norwell, MA, USA, 2002. Kluwer Academic Publishers. 
318 360 … … 323 365 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p23-kuhn.pdf Kuh97]] D. Richard Kuhn. Mutual Exclusion of Roles as a Means of Implementing Separation of Duty in Role-Based Access Control Systems. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 23--30, New York, NY, USA, 1997. ACM Press. 324 366 367 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p25-kuhn.pdf Kuh98]] D. Richard Kuhn. Role Based Access Control on MLS Systems Without Kernel Changes. In ''RBAC '98: Proceedings of the third ACM workshop on Role-based access control'', pages 25--32, New York, NY, USA, 1998. ACM Press. 368 325 369 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p130-kern.pdf KW05]] Axel Kern and Claudia Walhorn. Rule Support for Role-Based Access Control. In ''SACMAT '05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies'', pages 130--138, New York, NY, USA, 2005. ACM Press. 326 370 … … 353 397 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/moffett99uses.pdf ML99]] Jonathan D. Moffett and Emil Lupu. The Uses of Role Hierarchies in Access Control. In ''ACM Workshop on Role-Based Access Control'', pages 153--160, 1999. 354 398 399 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/moffett93policy.pdf MS93]] Jonathan D. Moffett and Morris S. Sloman. Policy Conflict Analysis in Distributed System Management. ''Journal of Organizational Computing'', pages 1--19, 1993. 400 355 401 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/an-approach-to-extract.pdf MSSN04]] Jan Mendling, Mark Strembeck, Gerald Stermsek, and Gustaf Neumann. An Approach to Extract RBAC Models from BPEL4WS Processes. In ''13th IEEE International Workshops on Enabling Technologies Infrastructure for Collaborative Enterprises (WETICE 2004)'', pages 81--86, Washington, DC, USA, June 2004. IEEE Computer Society. 
356 402 … … 363 409 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p45-nyanchama.pdf NO93]] Matunda Nyanchama and Sylvia Osborn. Role-Based Security, Object Oriented Databases and Separation of Duty. ''SIGMOD Rec.'', 22(4):45--51, 1993. 364 410 411 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/nyanchama94access.pdf NO94]] Matunda Nyanchama and Sylvia L. Osborn. Access Rights Administration in Role-Based Security Systems. In ''Proceedings of the IFIP WG11.3 Working Conference on Database Security VII'', pages 37--56. North-Holland, 1994. 412 365 413 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-nyanchama.pdf NO99]] Matunda Nyanchama and Sylvia Osborn. The Role Graph Model and Conflict of Interest. ''ACM Trans. Inf. Syst. Secur.'', 2(1):3--33, 1999. 366 414 … … 387 435 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/guide.pdf Ope05]] The OpenLDAP Foundation. ''OpenLDAP Software 2.3 Administrator's Guide'', 2005. 388 436 437 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p155-oh.pdf OS02]] Sejong Oh and Ravi Sandhu. A Model for Role Administration Using Organization Structure. In ''SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies'', pages 155--162, New York, NY, USA, 2002. ACM Press. 438 439 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p31-osborn.pdf Osb97]] Sylvia Osborn. Mandatory Access Control and Role-Based Access Control Revisited. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 31--40, New York, NY, USA, 1997. ACM Press. 440 389 441 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p163-osborn.pdf Osb02]] Sylvia L. Osborn. Information Flow Analysis of an RBAC System. In ''ACM Symposium on Access Control Models and Technologies'', pages 163--168, 2002. 
390 442 391 443 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p85-osborn.pdf OSM00]] Sylvia L. Osborn, Ravi S. Sandhu, and Qamar Munawer. Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ''Information and System Security'', 3(2):85--106, 2000. 392 444 445 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p113-oh.pdf OSZ06]] Sejong Oh, Ravi Sandhu, and Xinwen Zhang. An Effective Role Administration Model Using Organization Structure. ''ACM Trans. Inf. Syst. Secur.'', 9(2):113--137, 2006. 446 393 447 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/diss-jean.pdf Par99]] Joon S. Park. ''Secure Attribute Services on the Web''. PhD thesis, George Mason University, 1999. Dissertation Director: Dr. Ravi Sandhu. 394 448 … … 397 451 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/i01-kluwer01-jpark.pdf PAS01]] Joon S. Park, Gail-Joon Ahn, and Ravi S. Sandhu. Role-Based Access Control on the Web Using LDAP. In ''Proceeding of the 15th IFIP WG 11.3 Working Conference on Database and Application Security'', pages 19--30, 2001. 398 452 399 [[http:// hissa.ncsl.nist.gov/rbac/poole/ir5820/nistir5820.htm PBBE95]] Joseph Poole, John Barkley, Kevin Brady, Anthony Cincotta, and Wayne Salamon. Distributed Communication Methods and Role-Based Access Control for Use in Health Care Applications. Technical Report NISTIR 5820, NIST, 1995.453 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/nistir5820.pdf PBBE95]] Joseph Poole, John Barkley, Kevin Brady, Anthony Cincotta, and Wayne Salamon. Distributed Communication Methods and Role-Based Access Control for Use in Health Care Applications. Technical Report NISTIR 5820, NIST, 1995. NIST RBAC web site http://hissa.ncsl.nist.gov/rbac/poole/ir5820/nistir5820.htm. 
400 454 401 455 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/JP_004.pdf PBE01]] Stephen Perelson, Reinhardt Botha, and Jan Eloff. Separation of Duty Administration. ''SACJ/SART'', 27(1):64--70, 2001. … … 435 489 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/park99rbac.pdf PSG99]] Joon S. Park, Ravi S. Sandhu, and !SreeLatha Ghanta. RBAC on the Web by Secure Cookies. In ''IFIP Workshop on Database Security'', pages 49--62, 1999. 436 490 491 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/wed-b-1530-payne.pdf PTBO99]] C. Payne, D. Thomsen, J. Bogle, and R. O'Brien. Napoleon: A recipe for workflow. In ''ACSAC '99: Proceedings of the 15th Annual Computer Security Applications Conference'', page 134, Washington, DC, USA, 1999. IEEE Computer Society. 492 437 493 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p87-phillips.pdf PTD02]] Charles E. Phillips, Jr., T.C. Ting, and Steven A. Demurjian. Information Sharing and Security in Dynamic Coalitions. In ''SACMAT '02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies'', pages 87--96, New York, NY, USA, 2002. ACM Press. 438 494 … … 445 501 [[http://cuddletech.com/blog/pivot/entry.php?id=362 Roc03]] Ben Rockwood. Using RBAC on (Open)Solaris, September 2003. 446 502 503 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sis_2000.pdf ROS00]] G. Pernul R. Oppliger and C. Strauss. Using Attribute Certificates to Implement Role Based Authorization and Access Control Models. In ''Proc. 4th Fachtagung Sicherheit in Informationsystemen (SIS 2000)'', pages 169--184, 2000. 504 447 505 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/RBAC_DBMS_Comparison.pdf RS98]] Chandramouli Ramaswamy and Ravi S. Sandhu. Role-Based Access Control Features in Commercial Database Management Systems. In ''Proc. 21st NIST-NCSC National Information Systems Security Conference'', pages 503--511, 1998. 
448 506 … … 467 525 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/issue.pdf San96b]] Ravi S. Sandhu. Issues in RBAC. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', pages I--21--I--46, New York, NY, USA, 1996. ACM Press. 468 526 469 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/role-group.pdf San96c]] Ravi S. Sandhu. Roles Versus Groups. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', pages I--25--I--26, New York, NY, USA, 1996. ACM Press. 470 471 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/summary-1.pdf San96d]] Ravi S. Sandhu. Workshop Summary. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', pages I--1--I--7, New York, NY, USA, 1996. ACM Press. 527 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sandhu96role.pdf San96c]] Ravi S. Sandhu. Role Hierarchies and Constraints for Lattice-Based Access Controls. In ''ESORICS '96: Proceedings of the 4th European Symposium on Research in Computer Security'', pages 65--79, London, UK, 1996. Springer-Verlag. 528 529 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/role-group.pdf San96d]] Ravi S. Sandhu. Roles Versus Groups. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', pages I--25--I--26, New York, NY, USA, 1996. ACM Press. 530 531 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/summary-1.pdf San96e]] Ravi S. Sandhu. Workshop Summary. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', pages I--1--I--7, New York, NY, USA, 1996. ACM Press. 472 532 473 533 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p33-sandhu.pdf San98a]] Ravi S. Sandhu. Role Activation Hierarchies. In ''RBAC '98: Proceedings of the Third ACM Workshop on Role-Based Access Control'', pages 33--40, New York, NY, USA, 1998. ACM Press. 
… … 521 581 [[http://www.informatik.uni-trier.de/~ley/db/journals/compsec/compsec13.html#SolmsM94 SM94]] Sebastiaan H. von Solms and Isak van der Merwe. The Management of Computer Security Profiles Using a Role-Oriented Approach. ''Computers and Security'', 13(8):673--680, 1994. 522 582 523 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p47-sandhu.pdf SM98]] Ravi S. Sandhu and Qamar Munawer. How to do Discretionary Access Control Using Roles. In ''ACM Workshop on Role-Based Access Control'', pages 47--54, 1998. 583 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p47-sandhu.pdf SM98]] Ravi S. Sandhu and Qamar Munawer. How to Do Discretionary Access Control Using Roles. In ''ACM Workshop on Role-Based Access Control'', pages 47--54, 1998. 584 585 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/PositionPapers.pdf SM01]] Andreas Schaad and Jonathan Moffett. The Incorporation of Control Policies into Access Control Policies. In ''Proceedings of the Workshop on Policies for Distributed Systems and Networks, Policy 2001'', pages 18--21, January 2001. 524 586 525 587 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01176294.pdf SM02a]] Andreas Schaad and Jonathan D. Moffett. A Framework for Organisational Control Principles. In ''Proceedings of the 18th Annual Computer Security Applications Conference'', pages 229--238, Washington, DC, USA, December 2002. IEEE Computer Society. … … 529 591 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1380-schaad.pdf SM04]] Andreas Schaad and Jonathan Moffett. Separation, Review and Supervision Controls in the Context of a Credit Application Process -- A Case Study of Organisational Control Principles. In ''SAC '04: Proceedings of the 2004 ACM Symposium on Applied Computing'', pages 1380--1384, New York, NY, USA, 2004. ACM Press. 
530 592 593 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-schaad.pdf SMJ01]] Andreas Schaad, Jonathan Moffett, and Jeremy Jacob. The Role-Based Access Control System of a European Bank: A Case Study and Discussion. In ''SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies'', pages 3--9, New York, NY, USA, 2001. ACM Press. 594 531 595 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01544773.pdf SMJG05]] Basit Shafiq, Ammar Masood, James Joshi, and Arif Ghafoor. A Role-Based Access Control Policy Verification Framework for Real-Time Systems. In ''10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems'', pages 13--20, Washington, DC, USA, February 2005. IEEE Computer Society. 532 596 … … 537 601 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1-sandhu.pdf SP98]] Ravi S. Sandhu and Joon S. Park. Decentralized User-Role Assignment for Web-Based Intranets. In ''ACM Workshop on Role-Based Access Control'', pages 1--12, 1998. 538 602 603 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00934896.pdf SP01]] Won Bo Shim and Seog Park. Implementing Web Access Control System for the Multiple Web Servers in the Same Domain Using RBAC Concept. In ''ICPADS '01: Proceedings of the Eighth International Conference on Parallel and Distributed Systems'', pages 768--773, Washington, DC, USA, 2001. IEEE Computer Society. 604 539 605 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2003_MMS_UCON.pdf SP03]] Ravi S. Sandhu and Jaehong Park. Usage Control: A Vision for Next Generation Access Control. In Vladimir Gorodetsky, Leonard J. Popyack, and Victor A. Skormin, editors, ''Proceedings of the Second International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2003'', volume 2776 of ''Lecture Notes in Computer Science'', pages 17--31. Springer, September 2003. 
540 606 … … 575 641 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CRPITV21ATaylor.pdf TM03]] Kerry Taylor and James Murty. Implementing Role Based Access Control for Federated Information Systems on the Web. In ''ACSW Frontiers '03: Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003'', pages 87--95, Darlinghurst, Australia, Australia, 2003. Australian Computer Society, Inc. 576 642 577 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/i97tbac.pdf TS98]] Roshan K. Thomas and Ravi S. Sandhu. Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management. In ''Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI'', pages 166--181, London, UK, UK, 1998. Chapman & Hall, Ltd. 643 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/i97tbac.pdf TS98]] Roshan K. Thomas and Ravi S. Sandhu. Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management. In ''Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI'', pages 166--181, London, UK, 1998. Chapman & Hall, Ltd. 644 645 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p405-vuong.pdf VSD01]] Nathan N. Vuong, Geoffrey S. Smith, and Yi Deng. Managing Security Policies in a Distributed Environment Using eXtensible Markup Language (XML). In ''SAC '01: Proceedings of the 2001 ACM Symposium on Applied Computing'', pages 405--411, New York, NY, USA, 2001. ACM Press. 578 646 579 647 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-wobber.pdf WABL94]] Edward Wobber, Martín Abadi, Michael Burrows, and Butler Lampson. Authentication in the Taos Operating System. ''ACM Trans. Comput. Syst.'', 12(1):3--32, 1994. 
… … 591 659 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01376833.pdf YHM04]] Wataru Yamazaki, Hironori Hiraishi, and Fumio Mizoguchi. Designing an Agent-Based RBAC System for Dynamic Security Policy. In ''WETICE '04: Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises'', pages 199--204, Washington, DC, USA, 2004. IEEE Computer Society. 592 660 661 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p171-yao.pdf YMB01]] Walt Yao, Ken Moody, and Jean Bacon. A Model of OASIS Role-Based Access Control and Its Support for Active Security. In ''SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies'', pages 171--181, New York, NY, USA, 2001. ACM Press. 662 593 663 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01414530.pdf YS04]] Burin Yenmunkong and Chanboon Sathitwiriyawong. An Experimental Study of ERBAC03 for Access Control Administration. In ''2004 IEEE Region 10 Conference, TENCON 2004'', volume B2, pages 57--60, November 2004. 594 664 … … 597 667 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/Paper_code16.pdf ZM04]] Wei Zhou and Christoph Meinel. Implement Role Based Access Control with Attribute Certificates. In ''The 6th International Conference on Advanced Communication Technology'', pages 536--540, Washington, DC, USA, 2004. IEEE Computer Society. 598 668 669 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p149-zhang.pdf ZOS03]] Xinwen Zhang, Sejong Oh, and Ravi Sandhu. PBDM: A Flexible Delegation Model in RBAC. In ''SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologies'', pages 149--157, New York, NY, USA, 2003. ACM Press. 670 599 671 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/04-zhang-logic.pdf ZPPPS04]] Xinwen Zhang, Jaehong Park, Francesco Parisi-Presicce, and Ravi Sandhu. 
A Logical Specification for Usage Control. In ''SACMAT '04: Proceedings of the Ninth ACM symposium on Access Control Models and Technologies'', pages 1--10, New York, NY, USA, 2004. ACM Press. 600 672 … … 607 679 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00933700.pdf ZY01b]] Chang N. Zhang and Cungang Yang. Specification and Enforcement of Object-Oriented RBAC Model. In ''Proceedings of the Canadian Conference on Electrical and Computer Engineering, 2001'', volume 1, pages 301--305, 2001. 608 680 681
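Review bot: the v34 TS98 entry (line 643) still misspells two words, "Autorization" in the title and "Securty" in the proceedings name, even though this revision already rewrites that entry to drop the duplicated "UK"; correct them to "Authorization" and "Security" in the same edit. The unchanged TM03 entry just above it (line 641) has the same kind of duplication, "Darlinghurst, Australia, Australia", and should get the fix that was applied to "London, UK, UK".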