Role-based access control is one the most popular models adopted in commercial security and identity management products. However creating and maintaining such systems have been proven to be not an easy task. In this paper we review several issues that affect the usability of RBAC systems and discuss the advantages and limitations of role mining, a popular topic in the research community, as me...

Role-based access control (RBAC) has significantly simplified the management of users and permissions in computing systems. In dynamic environments, systems are subject to changes, so that the associated configurations need to be updated accordingly in order to reflect the systems’ evolution. Access control update is complex, especially for large-scale systems; because the updated system is exp...

The universal adoption of the Internet requires a fine grained access control in the sharing of sensitive resources. However, existing access control mechanisms are inflexible and do not help in alleviating the management task of administrating users’ access to resources based on security policies. In this paper, we propose an approach to implement fine-grained access control based on RBAC whil...

We present a specification approach of secured systems as transition systems and security policies as constraints that guard the transitions. In this context, security properties are expressed as invariants. Then we propose an abduction algorithm to generate possible security policies for a given transition-based system. Because abduction is guided by invariants, the generated security policies...

The ubiquity of low-cost GPS-enabled mobile devices and the proliferation of online social networks have enabled the collection of rich geo-social information that includes the whereabouts of the users and their social connections. This information can be used to provide a rich set of access control policies that ensure that resources are utilized securely. Existing literature focuses on provid...

In this talk, we present a formal approach for role-based access control systems design and emphasize the role of conceptual modelling of various relationships and constraints in RBAC systems. Users access control is a critical and sensitive issue in many systems and applications, especially for many web-based systems with large number of users, proper access control is a key issue for system s...

In the present computing environment, access control decisions are often based on contextual information like the location of users and objects as well as the time of making an access request. Several variants of Role based Access Control (RBAC) have recently been proposed that support spatio-temporal policy specifications. However, unlike the administrative models available for RBAC, there is ...

As computing technology becomes more pervasive and mobile services are deployed, applications will need flexible access control mechanisms. Unlike traditional approaches for access control, access decisions for these applications will depend on the combination of the required credentials of users and the context and state of the system. In this paper, we extend the role-based access control mod...

The paper focuses on role engineering which is an important topic in the development of access control system, particularly when considering Role Based Access Control – RBAC models. Despite the wide use of RBAC in various applications, the role engineering process is not a standardized approach. The paper aims to define a methodology and a process model for role engineering.

Workflow systems are often associated with Business Process Re-engineering (BPR). This paper argues that the functional access control requirements in workflow systems are rooted in the scope of a BPR project. A framework for access control in Workflow Systems is developed. The framework suggests that existing Role-based Access Control (RBAC) mechanisms can be used as a foundation in workflow s...