Changes between Version 62 and Version 63 of Internal/Rbac/RbacResources
Timestamp: Sep 27, 2006, 9:14:21 PM (18 years ago)
Internal/Rbac/RbacResources
v62 v63 17 17 18 18 == RBAC References == 19 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p706-abadi.pdf ABLP93]] Martín Abadi, Michael Burrows, Butler Lampson, and Gordon Plotkin. A Calculus for Access Control in Distributed Systems. ''ACM Trans. Program. Lang. Syst.'', 15(4):706--734, 1993. 20 19 21 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01647810.pdf AC05]] Raman Adaikkalavan and Sharma Chakravarthy. Active Authorization Rules for Enforcing Role-Based Access Control and its Extensions. In ''21st International Conference on Data Engineering Workshops'', pages 1197--1206, Washington, DC, USA, April 2005. IEEE Computer Society. 20 22 … … 57 59 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/health_paper.ps Bar95]] John Barkley. Application Engineering in Health Care. In ''Proceedings of the 2nd Annual CHIN Summit'', 1995. 58 60 59 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p69-bartz.pdf Bar97]] Larry S. Bartz. hyperDRIVE: Leveraging LDAP to Implement RBAC on the Web. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 69--74, New York, NY, USA, 1997. ACM Press. 61 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p20-barkley.pdf Bar96]] John Barkley. Implementing Role-Based Access Control Using Object Technology. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', page 20, New York, NY, USA, 1996. ACM Press. titlewkshp.ps. 62 63 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p127-barkley.pdf Bar97a]] John Barkley. Comparing Simple Role Based Access Control Models and Access Control Lists. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 127--132, New York, NY, USA, 1997. ACM Press. 64 65 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p69-bartz.pdf Bar97b]] Larry S. Bartz. 
hyperDRIVE: Leveraging LDAP to Implement RBAC on the Web. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 69--74, New York, NY, USA, 1997. ACM Press. 60 66 61 67 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/diss-Ezedin.pdf Bar02]] Ezedin S. Barka. ''Framework for Role-Based Delegation Models''. PhD thesis, George Mason University, 2002. Dissertation Director: Dr. Ravi Sandhu. … … 67 73 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00485637.pdf BBFS96]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. A Temporal Access Control Mechanism for Database Systems. ''IEEE Transactions on Knowledge and Data Engineering'', 8(1):67--80, 1996. 68 74 69 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/bertino97decentralized.pdf BBFS97]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. Decentralized administration for a temporal access control model. ''Inf. Syst.'', 22(4):223--248, 1997.75 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/bertino97decentralized.pdf BBFS97]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. Decentralized Administration for a Temporal Access Control Model. ''Inf. Syst.'', 22(4):223--248, 1997. 70 76 71 77 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p231-bertino.pdf BBFS98]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ''ACM Trans. Database Syst.'', 23(3):231--285, 1998. … … 77 83 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01297300.pdf BBGJ04]] Rafae Bhatti, Elisa Bertino, Arif Ghafoor, and James B. D. Joshi. XML-Based Specification for Web Services Document Security. ''Computer'', 37(4):41--49, April 2004. 
78 84 79 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p126-bertino.pdf BBS94]] Elisa Bertino, Claudio Bettini, and Pierangela Samarati. A Temporal Authorization Model. In ''CCS '94: Proceedings of the 2nd ACM Conference on Computer and communications security'', pages 126--135, New York, NY, USA, 1994. ACM Press. 85 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p126-bertino.pdf BBS94]] Elisa Bertino, Claudio Bettini, and Pierangela Samarati. A Temporal Authorization Model. In ''CCS '94: Proceedings of the 2nd ACM Conference on Computer and Communications Security'', pages 126--135, New York, NY, USA, 1994. ACM Press. 86 87 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p55-barkley.pdf BBU99]] John Barkley, Konstantin Beznosov, and Jinny Uppal. Supporting Relationships in Access Control Using Role Based Access Control. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control'', pages 55--65, New York, NY, USA, 1999. ACM Press. 88 89 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p73-barkley.pdf BC98]] John Barkley and Anthony Cincotta. Managing Role/Permission Relationships Using Object Access Types. In ''RBAC '98: Proceedings of the Third ACM Workshop on Role-Based Access Control'', pages 73--80, New York, NY, USA, 1998. ACM Press. 80 90 81 91 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p29-bertino.pdf BCDP05]] Elisa Bertino, Barbara Catania, Maria Luisa Damiani, and Paolo Perlasca. GEO-RBAC: A Spatially Aware RBAC. In ''SACMAT '05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies'', pages 29--37, New York, NY, USA, 2005. ACM Press. … … 87 97 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2006-04.pdf BDBE06]] Rafae Bhatti, Maria Damiani, David W. Bettis, Elisa Bertino, and Arif Ghafoor. A Modular Framework for Administering Spatial Constraints in Context-Aware RBAC. 
Technical Report TR 2006-04, Purdue University CERIAS, 2006. 88 98 99 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00816041.pdf BDBB99]] Konstantin Beznosov, Yi Deng, Bob Blakley, and John Barkley. A Resource Access Decision Service for CORBA-Based Distributed Systems. In ''ACSAC '99: Proceedings of the 15th Annual Computer Security Applications Conference'', page 310, Washington, DC, USA, 1999. IEEE Computer Society. 5ndocgm9.ps. 100 89 101 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p100-lodderstedt.pdf BDL03]] David Basin, Jürgen Doser, and Torsten Lodderstedt. Model Driven Security for Process-Oriented Systems. In ''SACMAT '03: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies'', pages 100--109, New York, NY, USA, 2003. ACM Press. 90 102 … … 95 107 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/botha.pdf BE01b]] Reinhardt A. Botha and Jan H. P. Eloff. Separation of Duties for Access Control Enforcement in Workflow Environments. ''IBM Syst. J.'', 40(3):666--682, 2001. 96 108 97 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/belokosztolszki03shielding.pdf BE03]] András Belokosztolszki and David Eyers. Shielding the OASIS RBAC Infrastructure from Cyberterrorism. In ''Research Directions in Data and Applications Security'', pages 3--14. Kluwer Academic Publishers, 2003.109 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/belokosztolszki03shielding.pdf BE03]] András Belokosztolszki and David Eyers. Shielding the OASIS RBAC Infrastructure from Cyberterrorism. In E. Gudes and S. Shenoi, editors, ''Research Directions in Data and Applications Security'', pages 3--14. Kluwer Academic Publishers, 2003. 98 110 99 111 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01206964.pdf BEM03]] András Belokosztolszki, David M. Eyers, and Ken Moody. Policy Contexts: Controlling Information Flow in Parameterised RBAC. 
In ''Proceedings of the 4th International Workshop on Policies for Distributed Systems and Networks, POLICY 2003'', pages 99--110, Washington, DC, USA, June 2003. IEEE Computer Society. … … 121 133 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p59-bacon.pdf BM02a]] Jean Bacon and Ken Moody. Toward Open, Secure, Widely Distributed Services. ''Commun. ACM'', 45(6):59--64, 2002. 122 134 123 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01011298.pdf BM02b]] András Belokosztolszki and Ken Moody. Meta- policies for distributed role-based access control systems. In ''Policy 2002: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks'', pages 106--115, Washington, DC, USA, 2002. IEEE Computer Society.135 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01011298.pdf BM02b]] András Belokosztolszki and Ken Moody. Meta-Policies for Distributed Role-Based Access Control Systems. In ''Policy 2002: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks'', pages 106--115, Washington, DC, USA, 2002. IEEE Computer Society. 124 136 125 137 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p492-bacon.pdf BMY02]] Jean Bacon, Ken Moody, and Walt Yao. A Model of OASIS Role-Based Access Control and Its Support for Active Security. ''ACM Trans. Inf. Syst. Secur.'', 5(4):492--540, 2002. … … 153 165 [[http://www.amazon.com/gp/product/1565924916/ Car03]] Gerald Carter. ''LDAP System Administration''. O'Reilly Media, Inc., Sebastopol, CA, USA, March 2003. 154 166 167 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/cavale.pdf Cav03]] Mohan Rao Cavale. Role-Based Access Control Using Windows Server 2003 Authorization Manager. Microsoft Corporation web site, January 2003. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetserv/h%tml/AzManRoles.asp. 
168 155 169 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/IC_003.pdf CBE00]] Damian G. Cholewka, Reinhardt A. Botha, and Jan H. P. Eloff. A Context-Sensitive Access Control Model and Prototype Implementation. In ''Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures'', pages 341--350, Deventer, The Netherlands, The Netherlands, 2000. Kluwer, B.V. 156 170 … … 183 197 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/InternetComputingPaperv4.pdf COB04]] David W. Chadwick, Alexander Otenko, and Edward Ball. Implementing Role Based Access Controls Using X.509 Attribute Certificates - the PERMIS Privilege Management Infrastructure. In ''Security and Privacy in Advanced Networking Technologies'', pages 26--39, 2004. 184 198 199 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p4-coyne.pdf Coy96]] Edward J. Coyne. Role Engineering. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', pages I--15--I--16, New York, NY, USA, 1996. ACM Press. 200 185 201 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/qut-isrc-tr-1999-005.pdf CR99a]] William Caelli and Anthony Rhodes. Implementation of Active Role Based Access Control in a Collaborative Environment. Technical Report QUT-ISRC-TR-1999-005, University of Queensland, Australia, 1999. 186 202 … … 189 205 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p49-chakraborty.pdf CR06]] Sudip Chakraborty and Indrajit Ray. TrustBAC: Integrating Trust Relationships into the RBAC Model for Access Control in Open Systems. In ''SACMAT '06: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies'', pages 49--58, New York, NY, USA, 2006. ACM Press. 190 206 191 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p145-crampton.pdf Cra02]] Jason Crampton. Administrative scope and role hierarchy operations. 
In ''SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies'', pages 145--154, New York, NY, USA, 2002. ACM Press.207 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p145-crampton.pdf Cra02]] Jason Crampton. Administrative scope and role hierarchy operations. In ''SACMAT '02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies'', pages 145--154, New York, NY, USA, 2002. ACM Press. 192 208 193 209 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p85-crampton.pdf Cra03a]] Jason Crampton. On Permissions, Inheritance and Role Hierarchies. In ''CCS '03: Proceedings of the 10th ACM Conference on Computer and Communications Security'', pages 85--92, New York, NY, USA, 2003. ACM Press. … … 229 245 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/diss-pete.pdf Eps02]] Pete A. Epstein. ''Engineering of Role/Permission Assignments''. PhD thesis, George Mason University, 2002. Dissertation Director: Dr. Ravi Sandhu. 230 246 231 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/uml-org.pdf ES99]] Pete Epstein and Ravi Sandhu. Towards a UML Based Approach to Role Engineering. In ''RBAC '99: Proceedings of the fourth ACM workshop on Role-based access control'', pages 135--143, New York, NY, USA, 1999. ACM Press.247 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/uml-org.pdf ES99]] Pete Epstein and Ravi Sandhu. Towards a UML Based Approach to Role Engineering. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-based Access Control'', pages 135--143, New York, NY, USA, 1999. ACM Press. 232 248 233 249 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p95-faden.pdf Fad99]] Glenn Faden. RBAC in UNIX Administration. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control'', pages 95--101, New York, NY, USA, 1999. ACM Press. 
234 250 235 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p77-ferraiolo.pdf FB97]] David Ferraiolo and John Barkley. Specifying and Managing Role-Based Access Control Within a Corporate Intranet. In ''RBAC '97: Proceedings of the second ACM workshop on Role-based access control'', pages 77--82, New York, NY, USA, 1997. ACM Press; also in [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ferraiolo97specifying.ps postscript]].251 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p77-ferraiolo.pdf FB97]] David Ferraiolo and John Barkley. Specifying and Managing Role-Based Access Control Within a Corporate Intranet. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-based Access Control'', pages 77--82, New York, NY, USA, 1997. ACM Press. 236 252 237 253 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p34-ferraiolo.pdf FBK99]] David F. Ferraiolo, John F. Barkley, and D. Richard Kuhn. A Role-Based Access Control Model and Reference Implementation Within a Corporate Intranet. ''ACM Transactions on Information and System Security'', 2(1):34--64, 1999. … … 241 257 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ferraiolo-cugini-kuhn-95.pdf FCK95]] David F. Ferraiolo, Janet A. Cugini, and D. Richard Kuhn. Role-Based Access Control: Features and Motivations. In ''Proceedings of the 11th Annual Computer Security Applications Conference (CSAC '95)'', 1995; also in [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ferraiolo-cugini-kuhn-95.ps postscript]] and [[http://hissa.ncsl.nist.gov/rbac/newpaper/rbac.html HTML]]. 242 258 259 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sd541cond.pdf Fer04]] Richard Fernandez. COMPACFLT SEAC RBAC, June 2004. 260 243 261 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/EDACcase-study.pdf Fer05a]] Richard Fernandez. Enterprise Dynamic Access Control (EDAC) Case Study. 
Technical report, United States Pacific Fleet, May 2005. 244 262 … … 251 269 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p11-ferraiolo.pdf FGHK05]] David F. Ferraiolo, Serban Gavrila, Vincent Hu, and D. Richard Kuhn. Composing and Combining Policies under the Policy Machine. In ''SACMAT '05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies'', pages 11--20, New York, NY, USA, 2005. ACM Press. 252 270 271 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/nistir4976.pdf FGL92]] David F. Ferraiolo, Dennis M. Gilbert, and Nickilyn Lynch. Assessing Federal and Commercial Information Needs. Technical Report NISTIR 4976, National Institute of Standards and Technology, November 1992. http://csrc.nist.gov/publications/nistir/ir4976.txt. 272 253 273 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fernandez97determining.pdf FH97]] Eduardo B. Fernandez and J. C. Hawkins. Determining Role Rights from Use Cases. In ''Proceedings of the 2nd ACM Workshop on Role Based Access Control (RBAC'97)'', pages 121--126, 1997. 254 274 … … 259 279 [[http://www.amazon.com/gp/product/1580533701/ FKC03]] David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli. ''Role-Based Access Control''. Artech House, Inc., Norwood, MA, USA, 2003. 260 280 261 [[http:// csrc.nist.gov/rbac/ FKCB06]] David Ferraiolo, Rick Kuhn, Ramaswamy Chandramouli, and John Barkley. Role-Based Access Control. National Institute of Standards and Technology web site, August2006.262 263 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p196-fisler.pdf FKMT05]] Kathi Fisler, Shriram Krishnamurthi, Leo A. Meyerovich, and Michael Carl Tschantz. Verification and Change-Impact Analysis of Access-Control Policies. In ''ICSE '05: Proceedings of the 27th international conference on Software engineering'', pages 196--205, New York, NY, USA, 2005. 
ACM Press.281 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/NIST-rbac-site.pdf FKCB06]] David Ferraiolo, Rick Kuhn, Ramaswamy Chandramouli, and John Barkley. Role-Based Access Control. National Institute of Standards and Technology web site, September 2006. 282 283 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p196-fisler.pdf FKMT05]] Kathi Fisler, Shriram Krishnamurthi, Leo A. Meyerovich, and Michael Carl Tschantz. Verification and Change-Impact Analysis of Access-Control Policies. In ''ICSE '05: Proceedings of the 27th international Conference on Software engineering'', pages 196--205, New York, NY, USA, 2005. ACM Press. 264 284 265 285 [[http://csrc.nist.gov/staff/kuhn/rkhome.html FKS06]] David F. Ferraiolo, D. Richard Kuhn, and Ravi S. Sandhu. Comments on 'A Critique of the ANSI Standard on Role Based Access Control'. ''IEEE Security and Privacy'', 2006. to appear 2006. … … 285 305 [[http://digitalbusinessstrategy.com/?p=48 Gif06]] Bob Gifford. My RBAC Heresy. ''Digital Business Strategy'', June 2006. 286 306 307 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p91-giuri.pdf Giu98]] Luigi Giuri. Role-Based Access Control in Java. In ''RBAC '98: Proceedings of the Third ACM Workshop on Role-Based Access Control'', pages 91--100, New York, NY, USA, 1998. ACM Press. 308 287 309 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p11-giuri.pdf Giu99]] Luigi Giuri. Role-Based Access Control on the Web Using Java. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control'', pages 11--18, New York, NY, USA, 1999. ACM Press. 288 310 311 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/dotguide.pdf GKN02]] Emden Gansner, Eleftherios Koutsofios, and Stephen North. ''Drawing graphs with dot''. AT&T Labs, Inc. - Research, February 2002. see also www.graphviz.org. 
312 289 313 [[http://www.computerworld.com/securitytopics/security/story/0,10801,86699,00.html GL03]] Trey Guerin and Richard Lord. How role-based access control can provide security and business benefits. ''ComputerWorld'', November 2003. 290 314 … … 293 317 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p90-guth.pdf GNS03]] Susanne Guth, Gustaf Neumann, and Mark Strembeck. Experiences with the Enforcement of Access Rights Extracted from ODRL-based Digital Contracts. In ''DRM '03: Proceedings of the 3rd ACM Workshop on Digital Rights Management'', pages 90--102, New York, NY, USA, 2003. ACM Press. 294 318 319 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/report02-1.pdf GOK02]] Michael A. Gallaher, Alan C. O'Connor, and Brian M. Kropp. The Economic Impact of Role Based Access Control. Technical Report Planning Report 02-01, Research Triangle Institute, 2002. 320 295 321 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/cs1050005.pdf Gov04]] Government Reform Committee. Report of the Best Practices and Metrics Teams. Technical Report CS1/05-0005, United States House of Representatives, November 2004. Corporate Information Security Working Group of the Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census of the Government Reform Committee. 296 322 … … 303 329 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/STAT_RBAC_Paper.pdf Har06]] Harris Corp. Role-Based Access Control In Network Vulnerability Management. Technical report, Harris Corp., March 2006. 304 330 331 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/341.pdf Hil97]] Burkhard Hilchenbach. Observations on the Real-World Implementation of Role-Based Access Control. In ''Proceedings of the 20th National Information Systems Security Conference'', pages 341--352, October 1997. 
332 305 333 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sg246647.pdf HJLE06]] Alicia Harvey, Travis Jeanneret, Thiam Cheng Lee, Rangarajan S. Manavalan, and Marty Trice. ''Administering and Implementing !WebSphere Business Integration Server V4.3''. IBM Redbook. IBM International Technical Support Organization, ibm.com/redbooks, first edition, April 2006. 306 334 … … 323 351 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01265212.pdf Hun04]] Patrick C. K. Hung. From Conflict of Interest to Separation of Duties in WS-Policy for Web Services Matchmaking Process. In ''Proceedings of the 37th Annual Hawaii International Conference on System Sciences'', pages 1--10, January 2004. 324 352 325 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00902348.pdf HV00]] M. Hitchens and V. Varadharajan. Design and specification of role based access control policies. ''IEE Proceedings on Software'', 147(4):117--129, August 2000.353 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00902348.pdf HV00]] M. Hitchens and V. Varadharajan. Design and Specification of Role Based Access Control Policies. ''IEE Proceedings on Software'', 147(4):117--129, August 2000. 326 354 327 355 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/95948X509A4.ps ISO93]] ISO/IEC. ITU-T Rec. x.509 (1993E), Information technology -- Open Systems Interconnection -- The Directory: Authentication Framework. Technical Report Recommendation X.509 ISO/IEC 9594-8, ISO/IEC, 1993. … … 329 357 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/c021573_ISO_IEC_13568_2002E.pdf ISO02]] ISO/IEC. Information Technology - Z Formal Specification Notation - Syntax, Type System and Semantics. Technical Report 13568:2002, ISO/IEC, July 2002. International Standard. 330 358 331 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p33-jaeger.pdf Jae99]] Trent Jaeger. 
On the Increasing Importance of Constraints. In ''RBAC '99: Proceedings of the fourth ACM workshop on Role-based access control'', pages 33--42, New York, NY, USA, 1999. ACM Press.359 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p33-jaeger.pdf Jae99]] Trent Jaeger. On the Increasing Importance of Constraints. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-based Access Control'', pages 33--42, New York, NY, USA, 1999. ACM Press. 332 360 333 361 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p38-joshi.pdf JAGS01]] James B. D. Joshi, Walid G. Aref, Arif Ghafoor, and Eugene H. Spafford. Security Models for Web-Based Applications. ''Commun. ACM'', 44(2):38--44, 2001. … … 341 369 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2004-46.pdf JBBG05]] James Joshi, Rafae Bhatti, Elisa Bertino, and Arif Ghafoor. X- RBAC: An Access Control Language for Multi-domain Environments. Technical Report TR 2004-46, Purdue University CERIAS, 2005. 342 370 343 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p74-joshi.pdf JBG02]] James B D Joshi, Elisa Bertino, and Arif Ghafoor. Temporal Hierarchies and Inheritance Semantics for GTRBAC. In ''SACMAT '02: Proceedings of the Seventh ACM symposium on Access Control Models and Technologies'', pages 74--83, New York, NY, USA, 2002. ACM Press.371 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p74-joshi.pdf JBG02]] James B D Joshi, Elisa Bertino, and Arif Ghafoor. Temporal Hierarchies and Inheritance Semantics for GTRBAC. In ''SACMAT '02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies'', pages 74--83, New York, NY, USA, 2002. ACM Press. 344 372 345 373 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01453534.pdf JBG05]] James B. D. Joshi, Elisa Bertino, and Arif Ghafoor. An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model. 
''IEEE Transactions on Dependable and Secure Computing'', 2(2):157--175, 2005. … … 355 383 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2003-23.pdf Jos03]] James B. D. Joshi. ''A Generalized Temporal Role Based Access Control Model for Developing Secure Systems''. PhD thesis, Purdue University, August 2003. 356 384 357 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p51-joshi.pdf JSGB03]] James B. D. Joshi, Basit Shafiq, Arif Ghafoor, and Elisa Bertino. Dependencies and Separation of Duty Constraints in GTRBAC. In ''SACMAT '03: Proceedings of the Eighth ACM symposium on Access Control Models and Technologies'', pages 51--64, New York, NY, USA, 2003. ACM Press.385 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p51-joshi.pdf JSGB03]] James B. D. Joshi, Basit Shafiq, Arif Ghafoor, and Elisa Bertino. Dependencies and Separation of Duty Constraints in GTRBAC. In ''SACMAT '03: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies'', pages 51--64, New York, NY, USA, 2003. ACM Press. 358 386 359 387 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00601312.pdf JSS97]] Sushil Jajodia, Pierangela Samarati, and V. S. Subrahmanian. A Logical Language for Expressing Authorizations. In ''SP '97: Proceedings of the 1997 IEEE Symposium on Security and Privacy'', page 31, Washington, DC, USA, 1997. IEEE Computer Society. … … 365 393 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00856939.pdf Kar00]] Guenter Karjoth. An Operational Semantics of Java 2 Access Control. In ''CSFW '00: Proceedings of the 13th IEEE Computer Security Foundations Workshop (CSFW'00)'', page 224, Washington, DC, USA, 2000. IEEE Computer Society. 366 394 367 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p29-kane.pdf KB06]] Kevin Kane and James C. Browne. On Classifying Access Control Implementations for Distributed Systems. 
In ''SACMAT '06: Proceedings of the Eleventh ACM symposium on Access Control Models and Technologies'', pages 29--38, New York, NY, USA, 2006. ACM Press.395 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p29-kane.pdf KB06]] Kevin Kane and James C. Browne. On Classifying Access Control Implementations for Distributed Systems. In ''SACMAT '06: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies'', pages 29--38, New York, NY, USA, 2006. ACM Press. 368 396 369 397 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/Or-BAC.pdf KBME03]] Anas Abou El Kalam, Salem Benferhat, Alexandre Miège, Rania El Baida, Frédéric Cuppens, Claire Saurel, Philippe Balbiani, Yves Deswarte, and Gilles Trouessin. Organization Based Access Control. In ''POLICY '03: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks'', page 120, Washington, DC, USA, 2003. IEEE Computer Society. … … 383 411 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p97-koch.pdf KMPP04]] M. Koch, L. V. Mancini, and F. Parisi-Presicce. Administrative Scope in the Graph-Based Framework. In ''SACMAT '04: Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies'', pages 97--104, New York, NY, USA, 2004. ACM Press. 384 412 385 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p66-kang.pdf KPF01]] Myong H. Kang, Joon S. Park, and Judith N. Froscher. Access Control Mechanisms for Inter-organizational Workflow. In ''SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies'', pages 66--74, New York, NY, USA, 2001. ACM Press.413 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p66-kang.pdf KPF01]] Myong H. Kang, Joon S. Park, and Judith N. Froscher. Access Control Mechanisms for Inter-organizational Workflow. 
In ''SACMAT '01: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies'', pages 66--74, New York, NY, USA, 2001. ACM Press. 386 414 387 415 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/kandala02secure.pdf KS02]] Savith Kandala and Ravi S. Sandhu. Secure Role-Based Workflow Models. In ''DAS'01: Proceedings of the Fifteenth Annual Working Conference on Database and Application Security'', pages 45--58, Norwell, MA, USA, 2002. Kluwer Academic Publishers. … … 393 421 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p23-kuhn.pdf Kuh97]] D. Richard Kuhn. Mutual Exclusion of Roles as a Means of Implementing Separation of Duty in Role-Based Access Control Systems. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 23--30, New York, NY, USA, 1997. ACM Press. 394 422 395 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p25-kuhn.pdf Kuh98]] D. Richard Kuhn. Role Based Access Control on MLS Systems Without Kernel Changes. In ''RBAC '98: Proceedings of the third ACM workshop on Role-based access control'', pages 25--32, New York, NY, USA, 1998. ACM Press. 423 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p25-kuhn.pdf Kuh98]] D. Richard Kuhn. Role Based Access Control on MLS Systems Without Kernel Changes. In ''RBAC '98: Proceedings of the Third ACM Workshop on Role-based Access Control'', pages 25--32, New York, NY, USA, 1998. ACM Press. 424 425 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/rick-kuhn-site.pdf Kuh06]] Rick Kuhn. Rick Kuhn, CSD - Computer Security Resource Center. National Institute of Standards and Technology web site, September 2006. http://csrc.nist.gov/rbac/. 396 426 397 427 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p130-kern.pdf KW05]] Axel Kern and Claudia Walhorn. Rule Support for Role-Based Access Control. 
In ''SACMAT '05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies'', pages 130--138, New York, NY, USA, 2005. ACM Press. 398 428 429 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p265-lampson.pdf LABW92]] Butler Lampson, Martín Abadi, Michael Burrows, and Edward Wobber. Authentication in Distributed Systems: Theory and Practice. ''ACM Trans. Comput. Syst.'', 10(4):265--310, 1992. 430 431 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p18-lampson.pdf Lam71]] Butler W. Lampson. Protection. In ''Proceedings of the Fifth Princeton Symposium on Information Sciences and Systems'', pages 437--443, Princeton, NJ, USA, March 1971. 432 399 433 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/waveset_WP_HIPAA_Compliance.pdf Lan03]] Doug Landoll. Achieving HIPAA Compliance with Indentity Management from Waveset. Technical report, Waveset Technologies, Inc., 2003. 400 434 401 435 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/aboutRBACStandard.pdf LBB06]] Ninghui Li, Ji-Won Byun, and Elisa Bertino. A Critique of the ANSI Standard on Role Based Access Control. ''IEEE Security and Privacy'', 2006. Revision under review. 402 436 403 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p42-li.pdf LBT04]] Ninghui Li, Ziad Bizri, and Mahesh V. Tripunitara. On Mutually-Exclusive Roles and Separation of Duty. In ''CCS '04: Proceedings of the 11th ACM conference on Computer and communications security'', pages 42--51, New York, NY, USA, 2004. ACM Press. 437 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p42-li.pdf LBT04]] Ninghui Li, Ziad Bizri, and Mahesh V. Tripunitara. On Mutually-Exclusive Roles and Separation of Duty. In ''CCS '04: Proceedings of the 11th ACM Conference on Computer and Communications Security'', pages 42--51, New York, NY, USA, 2004. ACM Press. 
438 439 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/HPL-1999-59.pdf Lin99]] Along Lin. Integrating Policy-Driven Role Based Access Control with the Common Data Security Architecture. Technical Report HPL-1999-59, HP Labs, April 1999. 404 440 405 441 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p11-lupu.pdf LMSY96]] Emil C. Lupu, Damian A. Marriott, Morris S. Sloman, and Nicholas Yialelis. A Policy Based Role Framework for Access Control. In ''RBAC '95: Proceedings of the First ACM Workshop on Role-Based Access Control'', page 11, New York, NY, USA, 1996. ACM Press. … … 411 447 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00800059.pdf LN99]] !HyungHyo Lee and !BongNam Noh. An Integrity Enforcement Application Design and Operation Framework in Role-Based Access Control Systems: A Session-Oriented Approach. In ''Proceedings of the 1999 International Workshop on Parallel Processing'', pages 179--184, Washington, DC, USA, September 1999. IEEE Computer Society. 412 448 413 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p25-lorch.pdf LPLE03]] Markus Lorch, Seth Proctor, Rebekah Lepro, Dennis Kafura, and Sumit Shah. First Experiences Using XACML for Access Control in Distributed Systems. In ''XMLSEC '03: Proceedings of the 2003 ACM workshop on XML security'', pages 25--37, New York, NY, USA, 2003. ACM Press.449 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p25-lorch.pdf LPLE03]] Markus Lorch, Seth Proctor, Rebekah Lepro, Dennis Kafura, and Sumit Shah. First Experiences Using XACML for Access Control in Distributed Systems. In ''XMLSEC '03: Proceedings of the 2003 ACM Workshop on XML security'', pages 25--37, New York, NY, USA, 2003. ACM Press. 414 450 415 451 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01552918.pdf LSQ05]] Qi Li, Jingpu Shi, and Sihan Qing. An Administration Model of DRBAC on the Web. 
In ''2005 IEEE International Conference on e-Business Engineering (ICEBE 2005)'', pages 364--367, Washington, DC, USA, October 2005. IEEE Computer Society. … … 455 491 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-nyanchama.pdf NO99]] Matunda Nyanchama and Sylvia Osborn. The Role Graph Model and Conflict of Interest. ''ACM Trans. Inf. Syst. Secur.'', 2(1):3--33, 1999. 456 492 493 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/nebraska.pdf Nov04]] Novell. State of Nebraska Case Study. www.novel.com, 2004. 494 457 495 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/conundrums.pdf NP90]] Michael J. Nash and Keith R. Poland. Some Conundrums Concerning Separation of Duty. In ''IEEE Computer Society Symposium on Research in Security and Privacy'', pages 201--207, Washington, DC, USA, May 1990. IEEE Computer Society. 458 496 … … 461 499 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p33-neumann.pdf NS02]] Gustaf Neumann and Mark Strembeck. A Scenario-driven Role Engineering Process for Functional RBAC Roles. In ''SACMAT '02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies'', pages 33--42, New York, NY, USA, 2002. ACM Press. 462 500 463 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p65-strembeck.pdf NS03]] Gustaf Neumann and Mark Strembeck. An Approach to Engineer and Enforce Context Constraints in an RBAC Environment. In ''SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologies'', pages 65--79, New York, NY, USA, 2003. ACM Press.501 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p65-strembeck.pdf NS03]] Gustaf Neumann and Mark Strembeck. An Approach to Engineer and Enforce Context Constraints in an RBAC Environment. In ''SACMAT '03: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies'', pages 65--79, New York, NY, USA, 2003. ACM Press. 
464 502 465 503 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/IC_TECH_REPORT_200131.pdf NW01]] Txomin Nieva and Alain Wegmann. A Role-based Use Case Model for Remote Data Acquisition Systems. Technical Report DSC/201/031, Institute for Computer Communications and Applications (ICA), Swiss Federal Institute of Technology, Lausanne, Switzerland, 2001. … … 481 519 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/guide.pdf Ope05]] The OpenLDAP Foundation. ''OpenLDAP Software 2.3 Administrator's Guide'', 2005. 482 520 483 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p155-oh.pdf OS02]] Sejong Oh and Ravi Sandhu. A Model for Role Administration Using Organization Structure. In ''SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies'', pages 155--162, New York, NY, USA, 2002. ACM Press.521 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p155-oh.pdf OS02]] Sejong Oh and Ravi Sandhu. A Model for Role Administration Using Organization Structure. In ''SACMAT '02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies'', pages 155--162, New York, NY, USA, 2002. ACM Press. 484 522 485 523 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p31-osborn.pdf Osb97]] Sylvia Osborn. Mandatory Access Control and Role-Based Access Control Revisited. In ''RBAC '97: Proceedings of the Second ACM Workshop on Role-Based Access Control'', pages 31--40, New York, NY, USA, 1997. ACM Press. … … 513 551 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/Pavlich-IFIP05.pdf PMDME05]] Jaime A. Pavlich-Mariscal, Thuong Doan, Laurent Michel, Steven A. Demurjian, and T. C. Ting. Role Slices: A Notation for RBAC Permission Assignment and Enforcement. In S. 
Jojodia, editor, ''Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security'', volume 3654 of ''Lecture Notes in Computer Science'', pages 40--53, Berlin / Heidelberg, August 2005. Springer. 514 552 553 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CSAPe.pdf PMDP04]] Torsten Priebe, Björn Muschall, Wolfgang Dobmeier, and Günther Pernul. ''A Flexible Security System for Enterprise and e-Government Portals'', volume 3180 of ''Lecture Notes in Computer Science'', pages 884--893. Springer, Berlin / Heidelberg, October 2004. 554 515 555 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/rbacaspect.pdf PMMD05]] Jaime Pavlich-Mariscal, Laurent Michel, and Steven Demurjian. ''A Formal Enforcement Framework for Role-Based Access Control Using Aspect-Oriented Programming'', volume 3713 of ''Lecture Notes in Computer Science'', pages 537--552. Springer, Berlin / Heidelberg, 2005. 516 556 … … 541 581 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/IFIP04-mutability.pdf PZS04]] Jaehong Park, Xinwen Zhang, and Ravi S. Sandhu. Attribute Mutability in Usage Control. In Csilla Farkas and Pierangela Samarati, editors, ''Proceedings of the Eighteenth Annual Conference on Data and Applications Security, Research Directions in Data and Applications Security XVIII, IFIP TC11/WG 11.3'', pages 15--29. Kluwer, July 2004. 542 582 543 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ report02-1.pdf Res02]] Research Triangle Institute. The Economic Impact of Role Based Access Control. Technical Report Planning Report 02-01, NIST, 2002.583 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p115-ray.pdf RLFK04]] Indrakshi Ray, Na Li, Robert France, and Dae-Kyoo Kim. Using UML to Visualize Role-Based Access Control Constraints. In ''SACMAT '04: Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies'', pages 115--124, New York, NY, USA, 2004. 
ACM Press. 544 584 545 585 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01233707.pdf RNKZ03]] Tatyana Ryutov, Clifford Neuman, Dongho Kim, and Li Zhou. Integrated Access Control and Intrusion Detection for Web Servers. ''IEEE Transactions on Parallel and Distributed Systems'', 14(9):841--850, September 2003. … … 561 601 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fulltext-1.pdf SAGM05]] Karsten Sohr, Gail-Joon Ahn, Martin Gogolla, and Lars Migge. Specification and Validation of Authorisation Constraints Using UML and OCL. In Sabrina De Capitani di Vimercati, Paul F. Syverson, and Dieter Gollmann, editors, ''Computer Security, Proceedings of the 10th European Symposium on Research in Computer Security - ESORICS 2005'', volume 3679 of ''Lecture Notes in Computer Science'', pages 64--79, Berlin / Heidelberg, September 2005. Springer. 562 602 563 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p15-sohr.pdf SAM05]] Karsten Sohr, Gail-Joon Ahn, and Lars Migge. Articulating and Enforcing Authorisation Policies with UML and OCL. In ''SESS '05: Proceedings of the 2005 Workshop on Software engineering for secure systems - building trustworthy applications'', pages 1--7, New York, NY, USA, 2005. ACM Press.603 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p15-sohr.pdf SAM05]] Karsten Sohr, Gail-Joon Ahn, and Lars Migge. Articulating and Enforcing Authorisation Policies with UML and OCL. In ''SESS '05: Proceedings of the 2005 Workshop on Software Engineering for Secure Systems - Building Trustworthy Applications'', pages 1--7, New York, NY, USA, 2005. ACM Press. 564 604 565 605 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00113349.pdf San88]] Ravi S. Sandhu. Transaction Control Expressions for Separation of Duties. In ''Proceedings of the Fourth Aerospace Computer Security Applications Conference'', pages 282--286, Washington, DC, USA, December 1988. IEEE Computer Society. 
… … 593 633 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p41-sandhu.pdf SBCE97]] Ravi Sandhu, Venkata Bhamidipati, Edward Coyne, Srinivas Canta, and Charles Youman. The ARBAC97 Model for Role-Based Administration of Roles: Preliminary Description and Outline. In ''Proceedings of 2nd ACM Workshop on Role-Based Access Control'', pages 41--54, New York, NY, USA, November 1997. ACM. 594 634 595 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p58-shehab.pdf SBG05a]] Mohamed Shehab, Elisa Bertino, and Arif Ghafoor. Secure Collaboration in Mediator-Free Environments. In ''CCS '05: Proceedings of the 12th ACM conference on Computer and communications security'', pages 58--67, New York, NY, USA, 2005. ACM Press.635 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p58-shehab.pdf SBG05a]] Mohamed Shehab, Elisa Bertino, and Arif Ghafoor. Secure Collaboration in Mediator-Free Environments. In ''CCS '05: Proceedings of the 12th ACM Conference on Computer and Communications Security'', pages 58--67, New York, NY, USA, 2005. ACM Press. 596 636 597 637 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p159-shehab.pdf SBG05b]] Mohamed Shehab, Elisa Bertino, and Arif Ghafoor. SERAT: SEcure Role mApping Technique for Decentralized Secure Interoperability. In ''SACMAT '05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies'', pages 159--167, New York, NY, USA, 2005. ACM Press. … … 607 647 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/schaad03framework.pdf Sch03]] Andreas Schaad. ''A Framework for Organisational Control Principles''. PhD thesis, The University of York, July 2003. Advisor: Dr. Jonathan Moffett. 608 648 609 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p32-siewe.pdf SCZ03]] François Siewe, Antonio Cau, and Hussein Zedan. A Compositional Framework for Access Control Policies Enforcement. 
In ''FMSE '03: Proceedings of the 2003 ACM workshop on Formal methods in security engineering'', pages 32--42, New York, NY, USA, 2003. ACM Press.649 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p32-siewe.pdf SCZ03]] François Siewe, Antonio Cau, and Hussein Zedan. A Compositional Framework for Access Control Policies Enforcement. In ''FMSE '03: Proceedings of the 2003 ACM Workshop on Formal Methods in Security Engineering'', pages 32--42, New York, NY, USA, 2003. ACM Press. 610 650 611 651 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p332-sohr.pdf SDA05]] Karsten Sohr, Michael Drouineaud, and Gail-Joon Ahn. Formal Specification of Role-Based Security Policies for Clinical Information Systems. In ''SAC '05: Proceedings of the 2005 ACM Symposium on Applied Computing'', pages 332--339, New York, NY, USA, 2005. ACM Press. … … 617 657 [[http://dream.sims.berkeley.edu/doc-eng/projects/ROLES/roles-final-report.html SGGE02]] Calvin Smith, Patrick Garvey, Marc Gratacos, E. Liggett, and Charis Kaskiris. ROLES Project Final Report. Technical report, University of California, Berkeley, The Center for Document Engineering, December 2002. 618 658 659 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p181-seacord.pdf SH98]] Robert C. Seacord and Scott A. Hissam. Browsers for Distributed Systems: Universal Paradigm or Siren's Song? ''World Wide Web'', 1(4):181--191, 1998. see also 98tr010.pdf. 660 619 661 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2006-19.pdf Sha06]] Basit Shafiq. ''Access Control Management and Security in Multi-Domain Collaborative Environments''. PhD thesis, Purdue University, 2006. 620 662 … … 639 681 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1380-schaad.pdf SM04]] Andreas Schaad and Jonathan Moffett. Separation, Review and Supervision Controls in the Context of a Credit Application Process -- A Case Study of Organisational Control Principles. 
In ''SAC '04: Proceedings of the 2004 ACM Symposium on Applied Computing'', pages 1380--1384, New York, NY, USA, 2004. ACM Press. 640 682 641 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-schaad.pdf SMJ01]] Andreas Schaad, Jonathan Moffett, and Jeremy Jacob. The Role-Based Access Control System of a European Bank: A Case Study and Discussion. In ''SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies'', pages 3--9, New York, NY, USA, 2001. ACM Press.683 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-schaad.pdf SMJ01]] Andreas Schaad, Jonathan Moffett, and Jeremy Jacob. The Role-Based Access Control System of a European Bank: A Case Study and Discussion. In ''SACMAT '01: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies'', pages 3--9, New York, NY, USA, 2001. ACM Press. 642 684 643 685 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01544773.pdf SMJG05]] Basit Shafiq, Ammar Masood, James Joshi, and Arif Ghafoor. A Role-Based Access Control Policy Verification Framework for Real-Time Systems. In ''10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems'', pages 13--20, Washington, DC, USA, February 2005. IEEE Computer Society. … … 661 703 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00312842.pdf SS94]] Ravi S. Sandhu and Pierangela Samarati. Access Control: Principles and Practice. ''IEEE Communications Magazine'', 32(9):40--48, September 1994. 662 704 705 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/skm04.pdf SSN04]] Gerald Stermsek, Mark Strembeck, and Gustaf Neumann. Using Subject- and Object-Specific Attributes for Access Control in Web-based Knowledge Management Systems. In ''Proceedings of the Workshop on Secure Knowledge Management (SKM)'', pages 1--6, September 2004. 
706 663 707 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1328-schaad.pdf SSW05]] Andreas Schaad, Pascal Spadone, and Helmut Weichsel. A Case Study of Separation of Duty Properties in the Context of the Austrian "eLaw" Process. In ''SAC '05: Proceedings of the 2005 ACM Symposium on Applied Computing'', pages 1328--1332, New York, NY, USA, 2005. ACM Press. 664 708 … … 679 723 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00596811.pdf SZ97]] Richard T. Simon and Mary Ellen Zurko. Separation of Duty in Role-Based Environments. In ''Proceedings of the 10th Computer Security Foundations Workshop'', pages 183--194, June 1997. 680 724 681 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p147-sandhu.pdf SZ05]] Ravi Sandhu and Xinwen Zhang. Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In ''SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies'', pages 147--158, New York, NY, USA, 2005. ACM Press. 725 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/tecos04.pdf SZ04]] Mark Strembeck and Uwe Zdun. Scenario-based Component Testing Using Embedded Metadata. In Sami Beydeda, Volker Gruhn, Johannes Mayer, Ralf Reussner, and Franz Schweiggert, editors, ''Testing of Component-Based Systems and Software Quality, Proceedings of SOQUA 2004 (First International Workshop on Software Quality) and TECOS 2004 (Workshop Testing Component-Based Systems)'', volume 58 of ''Lecture Notes in Informatics (LNI)'', pages 1--15. GI, September 2004. 726 727 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p147-sandhu.pdf SZ05]] Ravi Sandhu and Xinwen Zhang. Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In ''SACMAT '05: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies'', pages 147--158, New York, NY, USA, 2005. ACM Press. 
728 729 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/odal06.pdf SZ06]] Mark Strembeck and Uwe Zdun. Definition of an Aspect-Oriented DSL Using a Dynamic Programming Language. In ''Proceedings of the Workshop on Open and Dynamic Aspect Languages (ODAL)'', March 2006. 682 730 683 731 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p29-tolone.pdf TAPH05]] William Tolone, Gail-Joon Ahn, Tanusree Pai, and Seng-Phil Hong. Access Control in Collaborative Systems. ''ACM Comput. Surv.'', 37(1):29--41, 2005. … … 695 743 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2004-10.pdf TL04]] Mahesh V. Tripunitara and Ninghui Li. Comparing the Expressive Power of Access Control Models. Technical Report TR 2004-10, Purdue University CERIAS, August 2004. 696 744 697 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CRPITV21ATaylor.pdf TM03]] Kerry Taylor and James Murty. Implementing Role Based Access Control for Federated Information Systems on the Web. In ''ACSW Frontiers '03: Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003'', pages 87--95, Darlinghurst, Australia, Australia, 2003. Australian Computer Society, Inc.745 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CRPITV21ATaylor.pdf TM03]] Kerry Taylor and James Murty. Implementing Role Based Access Control for Federated Information Systems on the Web. In ''ACSW Frontiers '03: Proceedings of the Australasian Information Security Workshop Conference on ACSW Frontiers 2003'', pages 87--95, Darlinghurst, Australia, Australia, 2003. Australian Computer Society, Inc. 698 746 699 747 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2005-83.pdf Tri05]] Mahesh V. Tripunitara. ''A Theory Based on Security Analysis for Comparing the Expressive Power of Access Control Models''. PhD thesis, Purdue University, 2005. 
700 748 749 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/b93tba.pdf TS93]] Roshan K. Thomas and Ravi S. Sandhu. Task-Based Authorization: A Paradigm for Flexible and Adaptable Access Control in Distributed Applications (Extended Abstract). In ''Proceedings of the 16th NIST-NCSC National Computer Security Conference'', pages 409--415, September 1993. 750 701 751 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/i97tbac.pdf TS98]] Roshan K. Thomas and Ravi S. Sandhu. Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management. In ''Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI'', pages 166--181, London, UK, 1998. Chapman & Hall, Ltd. 702 752 … … 707 757 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/wainer01wrbac.pdf WBK01]] Jacques Wainer, Paulo Barthelmess, and Akhil Kumar. W-RBAC - A workflow security model incorporating controlled overriding of constraints. Technical Report IC-01-013, Instituto de Computação, Universidade Estadual de Campinas, October 2001. 708 758 759 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00790905.pdf WBS99]] Shukri Wakid, John Barkley, and Mark Skall. Object Retrieval and Access Management in Electronic Commerce. ''IEEE Communications Magazine'', 37(9):74--77, September 1999. 760 709 761 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01342816.pdf WJYJ04]] Xu Wei, Wei Jun, Liu Yu, and Li Jing. SOWAC: A Service-Oriented Workflow Access Control Model. In ''Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004'', volume 1, pages 128--134, September 2004. 710 762 … … 717 769 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01376833.pdf YHM04]] Wataru Yamazaki, Hironori Hiraishi, and Fumio Mizoguchi. Designing an Agent-Based RBAC System for Dynamic Security Policy. 
In ''WETICE '04: Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises'', pages 199--204, Washington, DC, USA, 2004. IEEE Computer Society. 718 770 719 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p171-yao.pdf YMB01]] Walt Yao, Ken Moody, and Jean Bacon. A Model of OASIS Role-Based Access Control and Its Support for Active Security. In ''SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies'', pages 171--181, New York, NY, USA, 2001. ACM Press.771 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p171-yao.pdf YMB01]] Walt Yao, Ken Moody, and Jean Bacon. A Model of OASIS Role-Based Access Control and Its Support for Active Security. In ''SACMAT '01: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies'', pages 171--181, New York, NY, USA, 2001. ACM Press. 720 772 721 773 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01414530.pdf YS04]] Burin Yenmunkong and Chanboon Sathitwiriyawong. An Experimental Study of ERBAC03 for Access Control Administration. In ''2004 IEEE Region 10 Conference, TENCON 2004'', volume B2, pages 57--60, November 2004. … … 725 777 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/Paper_code16.pdf ZM04]] Wei Zhou and Christoph Meinel. Implement Role Based Access Control with Attribute Certificates. In ''The 6th International Conference on Advanced Communication Technology'', pages 536--540, Washington, DC, USA, 2004. IEEE Computer Society. 726 778 727 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p149-zhang.pdf ZOS03]] Xinwen Zhang, Sejong Oh, and Ravi Sandhu. PBDM: A Flexible Delegation Model in RBAC. In ''SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologies'', pages 149--157, New York, NY, USA, 2003. 
ACM Press.728 729 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/04-zhang-logic.pdf ZPPPS04]] Xinwen Zhang, Jaehong Park, Francesco Parisi-Presicce, and Ravi Sandhu. A Logical Specification for Usage Control. In ''SACMAT '04: Proceedings of the Ninth ACM symposium on Access Control Models and Technologies'', pages 1--10, New York, NY, USA, 2004. ACM Press.779 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p149-zhang.pdf ZOS03]] Xinwen Zhang, Sejong Oh, and Ravi Sandhu. PBDM: A Flexible Delegation Model in RBAC. In ''SACMAT '03: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies'', pages 149--157, New York, NY, USA, 2003. ACM Press. 780 781 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/04-zhang-logic.pdf ZPPPS04]] Xinwen Zhang, Jaehong Park, Francesco Parisi-Presicce, and Ravi Sandhu. A Logical Specification for Usage Control. In ''SACMAT '04: Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies'', pages 1--10, New York, NY, USA, 2004. ACM Press. 730 782 731 783 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p351-zhang.pdf ZPPSP05]] Xinwen Zhang, Francesco Parisi-Presicce, Ravi Sandhu, and Jaehong Park. Formal Model and Policy Specification of Usage Control. ''ACM Trans. Inf. Syst. Secur.'', 8(4):351--387, 2005. … … 733 785 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/schema-based-xml-security.pdf ZPS03]] Xinwen Zhang, Jaehong Park, and Ravi Sandhu. Schema Based XML Security: RBAC Approach. In ''Proceedings of the Seventeenth Annual IFIP WG 11.3 Working Conference on Data and Applications Security'', pages 1--15, August 2003. 734 786 787 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sc06-1.pdf ZS06a]] Uwe Zdun and Mark Strembeck. Modeling Composition in Dynamic Programming Environments with Model Transformations. 
In ''Proceedings of the 5th International Symposium on Software Composition (SC)'', number LNCS 4089 in Lecture Notes in Computer Science. Springer, Berlin / Heidelberg, March 2006. 788 789 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/late06.pdf ZS06b]] Uwe Zdun and Mark Strembeck. Modeling the Evolution of Aspect Configurations using Model Transformations. In ''Proceedings of the Linking Aspect Technology and Evolution Workshop (LATE)'', March 2006. 790 735 791 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/RBAC-1.pdf ZWCJ02]] John Zao, Hoetech Wee, Jonathan Chu, and Daniel Jackson. RBAC Schema Verification Using Lightweight Formal Model and Constraint Analysis. Technical report, MIT, 2002. 736 792 … … 739 795 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00933700.pdf ZY01b]] Chang N. Zhang and Cungang Yang. Specification and Enforcement of Object-Oriented RBAC Model. In ''Proceedings of the Canadian Conference on Electrical and Computer Engineering, 2001'', volume 1, pages 301--305, 2001. 740 796 797
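Review bot: At old line 543 / new line 583 the Res02 entry (Research Triangle Institute, "The Economic Impact of Role Based Access Control", NIST Planning Report 02-01) is replaced by RLFK04, and no re-added Res02 appears in the lines shown. The old link had a leading space before `report02-1.pdf`. If the intent was to fix that broken attachment path, restore the entry with the corrected URL rather than dropping the reference. If the removal is deliberate, say so in the change comment.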
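Review bot: The added Nov04 entry at new line 493 gives the source as "www.novel.com" while the author field reads "Novell". The host name looks misspelled, so please confirm it against the attached nebraska.pdf. The other web citation added in this revision (Kuh06) carries a full `http://` URL and an access month, and Nov04 would be easier to verify later with the same two details.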
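Review bot: The added SH98 entry at new line 659 ends with the fragment "see also 98tr010.pdf." after the journal citation. That is a bare file name with no link and no title, so a reader cannot tell what it refers to. Either link it as an attachment in the same `[[... ]]` form as the other entries and name the report, or drop the fragment.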