A formal model for role-based access control with constraints
- 23 December 2002
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 136-145
- https://doi.org/10.1109/csfw.1996.503698
Abstract
The aim of this work is to give a formal foundation to the notion of role-based access control through the introduction of a new model and the formal specification of its semantics. The proposed model takes into account all the main topics currently under discussion in this area, including constraints and separation of duties. Moreover, it is suitable both for conceptual design purpose and direct implementation within real systems.Keywords
This publication has 4 references indexed in Scilit:
- Role-based security, object oriented databases and separation of dutyACM SIGMOD Record, 1993
- A model of authorization for next-generation database systemsACM Transactions on Database Systems, 1991
- Naming and grouping privileges to simplify security management in large databasesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,1990
- A Comparison of Commercial and Military Computer Security PoliciesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,1987