CiteSeerX — Search Results — Policy analysis for administrative role based access control without separate administration

Results 1 - 10 of 797

Policy Analysis for Self-administrated Role-based Access Control

by Anna Lisa Ferrara, P. Madhusudan, Gennaro Parlato

"... Abstract. Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all that is kn ..."

Abstract - Cited by 6 (1 self) - Add to MetaCart

Abstract. Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all

Policy analysis for administrative role based access control

by Amit Sasturkar, Ping Yang, Scott D. Stoller, C. R. Ramakrishnan - In Proc. 19th IEEE Computer Security Foundations Workshop (CSFW , 2006

"... Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many administrators. Administrative RBAC (ARBAC) is a model for expressing the authority of administrators, thereby specifying how an ..."

Abstract - Cited by 43 (5 self) - Add to MetaCart

Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many administrators. Administrative RBAC (ARBAC) is a model for expressing the authority of administrators, thereby specifying how

Efficient Symbolic Automated Analysis of Administrative Role Based Access Control Policies

by Francesco Alberti, Università Della Svizzera, Italiana Lugano, Alessandro Armando, Silvio Ranise - In ASIACCS , 2011

"... Automated techniques for the security analysis of Role-Based Access Control (RBAC) access control policies are crucial for their design and maintenance. The definition of administrative domains by means of attributes attached to users makes the RBAC model easier to use in real scenarios but complica ..."

Abstract - Cited by 8 (3 self) - Add to MetaCart

Automated techniques for the security analysis of Role-Based Access Control (RBAC) access control policies are crucial for their design and maintenance. The definition of administrative domains by means of attributes attached to users makes the RBAC model easier to use in real scenarios

Efficient Policy Analysis for Evolving Administrative Role Based Access Control 1

by Mikhail I. Gofman, Ping Yang

"... Abstract Role Based Access Control (RBAC) has been widely used for restricting resource access to only authorized users. Administrative Role Based Access Control (ARBAC) specifies permissions for administrators to change RBAC policies. Due to complex interactions between changes made by different ad ..."

Abstract - Add to MetaCart

incremental algorithms outperform the non-incremental algorithm in terms of execution time at a reasonable cost of increased disk space consumption. Key words: security, administrative role-based access control, security policy analysis 1

Symbolic Reachability Analysis for Parameterized Administrative Role Based Access Control

by Scott D. Stoller, Ping Yang, Mikhail Gofman, C. R. Ramakrishnan , 2009

"... Role based access control (RBAC) is a widely used access control paradigm. In large organizations, the RBAC policy is managed by multiple administrators. An administrative role based access control (ARBAC) policy specifies how each administrator may change the RBAC policy. It is often difficult to f ..."

Abstract - Cited by 11 (2 self) - Add to MetaCart

Role based access control (RBAC) is a widely used access control paradigm. In large organizations, the RBAC policy is managed by multiple administrators. An administrative role based access control (ARBAC) policy specifies how each administrator may change the RBAC policy. It is often difficult

On the formal definition of separation-of-duty policies and their composition

by Virgil D. Gligor, Serban I. Gavrila, David Ferraiolo - Proc. IEEE Symposium on Security and Privacy , 1998

"... In this paper we define formally a wide variety of separation-of-duty (SoD) properties, which include the best known to date, and establish their relationships within a formal model of role-based access control (RBAC). The formalism helps remove all ambiguities of informal definition, and offers a w ..."

Abstract - Cited by 101 (6 self) - Add to MetaCart

In this paper we define formally a wide variety of separation-of-duty (SoD) properties, which include the best known to date, and establish their relationships within a formal model of role-based access control (RBAC). The formalism helps remove all ambiguities of informal definition, and offers a

Vac- Verifier of Administrative Role-based Access Control Policies

by Anna Lisa Ferrara, P. Madhusudan, Truc L. Nguyen, Gennaro Parlato

"... Abstract. In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC).RBAChasbecomeanincreasingly popularaccesscontrolmodel, particularly suitable for large organizations, andit is implementedin several software. Automatic secu ..."

Abstract - Cited by 2 (0 self) - Add to MetaCart

Abstract. In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC).RBAChasbecomeanincreasingly popularaccesscontrolmodel, particularly suitable for large organizations, andit is implementedin several software. Automatic

Role-Based Access Control Policy Administration

by András Belokosztolszki , 2004

"... ..."

Abstract - Cited by 3 (0 self) - Add to MetaCart

Abstract not found

Security Analysis and Administrative Insider Threat Assessment in Role-Based Access Control

by Somesh Jha, Ninghui Li, Mahesh Tripunitara, Qihua Wang, William Winsborough , 2005

"... Specifying and managing access control policies is a challenging problem. We propose to develop formal verification techniques for access control policies to improve the current state of the art of policy specification and management. In this paper, we formalize classes of security analysis and admi ..."

Abstract - Add to MetaCart

and administrative insider threat assessment problems in the context of Role-Based Access Control. We show that in general these problems are PSPACE-complete. We also study the factors that contribute to the computational complexity by considering a lattice of various subcases of the problem with different

SECURITY ANALYSIS IN ROLE-BASED ACCESS CONTROL

by Ninghui Li, Mahesh V. Tripunitara , 2005

"... The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability, it ..."

Abstract - Cited by 70 (11 self) - Add to MetaCart

The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability

Results 1 - 10 of 797

Tools