Though RBAC has been researched for many years as a current dominant access control technology, there are few researches to be done to address the further extension of the role which is the fundamental entity of RBAC. This paper tries to extend the role to a further level, the role attributes. Through the attributes, the function and operation on the role can be enhanced and extended. Through t...

Many RBAC models have augmented the fundamental requirement of a role abstraction with features such as parameterised roles and environment-aware policy. This paper examines the potential for unintentional leakage of information during RBAC policy enforcement, either through the exchange of parameters with external services when checking environmental conditions, or through a policy design whic...

This paper describes how location-aware Role-Based Access Control (RBAC) can be implemented on top of the Geographically eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locatio...

Role engineering for role-based access control (RBAC) is a process to define roles, permissions, constraints, and role hierarchies. The scenario-driven role engineering process provides a systematic way to elicit the RBAC components. However, the traceability between those components has not been well analyzed. As a result, it is both time-consuming and error-prone to modify the RBAC components...

Role Based Access Control (RBAC) refers to a class of security mechanisms that mediate access to resources through organizational identities called roles. A number of models have been published [1, 2 ,3] that formally describe the basic properties of RBAC. One feature of these models is the notion of a role hierarchy, which represents the relationship among roles that are defined in terms of ot...

Özet. Anlamsal web, web içeriklerinin diğer yazılımlar tarafından anlaşılabilir, yorumlanabilir, kullanılabilir olmasını ve bilginin paylaşılmasını amaçlamaktadır. Anlamsal web’de bilginin güvenliği erişim denetimi ile sağlanmaktadır. OBAC(Ontology Based Access Control – Ontoloji Tabanlı Erişim Denetimi) verinin anlamsal tanımının olduğu ontolojilere erişim denetiminin sağlanmasında kullanılan ...

Role-based access control (RBAC) has attracted considerable research interest. However, the computational issues of RBAC models are yet to be thoroughly studied. In this paper, we study the problem of efficient maintenance of large RBAC models in a database-based multi-domain Web service environment. We propose first-order (SQL) algorithms to maintain the reachability of access roles under dyna...

Access Control is an important mechanism of information security. Role-Based Access Control is a famous access control approach with good flexibility. RBAC96 and ARBAC97 are classical RBAC models. The ARBAC97 model facilitates decentralized administration of RBAC. However, ARBAC97 has some shortcomings in the case of being used in an organization with autonomous subsidiaries. The member of an a...

Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC), which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the...

Role-Based Access Control (RBAC) has been widely used in information systems, including so-called critical systems. In business, workflows are to control the flow of processes. One major issues concerning these processes is be able verify that a proposed process model strictly corresponds specifications which it supposed respond. models describe frameworks dictate permissions. The RBAC generall...