Results 1 - 10
of
797
Policy Analysis for Self-administrated Role-based Access Control
"... Abstract. Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all that is kn ..."
Abstract
-
Cited by 6 (1 self)
- Add to MetaCart
Abstract. Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all
Policy analysis for administrative role based access control
- In Proc. 19th IEEE Computer Security Foundations Workshop (CSFW
, 2006
"... Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many administrators. Administrative RBAC (ARBAC) is a model for expressing the authority of administrators, thereby specifying how an ..."
Abstract
-
Cited by 43 (5 self)
- Add to MetaCart
Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many administrators. Administrative RBAC (ARBAC) is a model for expressing the authority of administrators, thereby specifying how
Efficient Symbolic Automated Analysis of Administrative Role Based Access Control Policies
- In ASIACCS
, 2011
"... Automated techniques for the security analysis of Role-Based Access Control (RBAC) access control policies are crucial for their design and maintenance. The definition of administrative domains by means of attributes attached to users makes the RBAC model easier to use in real scenarios but complica ..."
Abstract
-
Cited by 8 (3 self)
- Add to MetaCart
Automated techniques for the security analysis of Role-Based Access Control (RBAC) access control policies are crucial for their design and maintenance. The definition of administrative domains by means of attributes attached to users makes the RBAC model easier to use in real scenarios
Efficient Policy Analysis for Evolving Administrative Role Based Access Control 1
"... Abstract Role Based Access Control (RBAC) has been widely used for restricting resource access to only authorized users. Administrative Role Based Access Control (ARBAC) specifies permissions for administrators to change RBAC policies. Due to complex interactions between changes made by different ad ..."
Abstract
- Add to MetaCart
incremental algorithms outperform the non-incremental algorithm in terms of execution time at a reasonable cost of increased disk space consumption. Key words: security, administrative role-based access control, security policy analysis 1
Symbolic Reachability Analysis for Parameterized Administrative Role Based Access Control
, 2009
"... Role based access control (RBAC) is a widely used access control paradigm. In large organizations, the RBAC policy is managed by multiple administrators. An administrative role based access control (ARBAC) policy specifies how each administrator may change the RBAC policy. It is often difficult to f ..."
Abstract
-
Cited by 11 (2 self)
- Add to MetaCart
Role based access control (RBAC) is a widely used access control paradigm. In large organizations, the RBAC policy is managed by multiple administrators. An administrative role based access control (ARBAC) policy specifies how each administrator may change the RBAC policy. It is often difficult
On the formal definition of separation-of-duty policies and their composition
- Proc. IEEE Symposium on Security and Privacy
, 1998
"... In this paper we define formally a wide variety of separation-of-duty (SoD) properties, which include the best known to date, and establish their relationships within a formal model of role-based access control (RBAC). The formalism helps remove all ambiguities of informal definition, and offers a w ..."
Abstract
-
Cited by 101 (6 self)
- Add to MetaCart
In this paper we define formally a wide variety of separation-of-duty (SoD) properties, which include the best known to date, and establish their relationships within a formal model of role-based access control (RBAC). The formalism helps remove all ambiguities of informal definition, and offers a
Vac- Verifier of Administrative Role-based Access Control Policies
"... Abstract. In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC).RBAChasbecomeanincreasingly popularaccesscontrolmodel, particularly suitable for large organizations, andit is implementedin several software. Automatic secu ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
Abstract. In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC).RBAChasbecomeanincreasingly popularaccesscontrolmodel, particularly suitable for large organizations, andit is implementedin several software. Automatic
Security Analysis and Administrative Insider Threat Assessment in Role-Based Access Control
, 2005
"... Specifying and managing access control policies is a challenging problem. We propose to develop formal verification techniques for access control policies to improve the current state of the art of policy specification and management. In this paper, we formalize classes of security analysis and admi ..."
Abstract
- Add to MetaCart
and administrative insider threat assessment problems in the context of Role-Based Access Control. We show that in general these problems are PSPACE-complete. We also study the factors that contribute to the computational complexity by considering a lattice of various subcases of the problem with different
SECURITY ANALYSIS IN ROLE-BASED ACCESS CONTROL
, 2005
"... The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability, it ..."
Abstract
-
Cited by 70 (11 self)
- Add to MetaCart
The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability
Results 1 - 10
of
797