This paper analyzes and compares role-based access control (RBAC) features supported in the most recent versions of three popular commercial database management systems: Informix Online Dynamic Server Version 7.2, Oracle Enterprise Server Version 8.0 and Sybase Adaptive Server Release 11.5. We categorize RBAC features under three broad areas: user role assignment, support for role relationships...

Access control needs to be more flexible and fine-grained to support cooperative tasks and processes performed by dynamic teams. This can be done by applying state-of-theart role-based access control (RBAC) technology. This paper examines how to integrate RBAC in a team-based organization context and how to apply such access control to hypermedia structures. Based on the analysis of these issue...

With increasing numbers of organizations automating their business processes by using workflow systems, security aspects of workflow systems has become a heavily researched area. Also, most workflow processes nowadays need to be adaptive, i.e., constantly changing, to meet changing business conditions. However, little attention has been paid to integrating Security and Adaptive Workflow. In thi...

Mobile health records are a good way of providing users with on-demand access to health care data. Standard approaches of securing health records include role-based access control (RBAC) because this is a flexible approach to assign permissions to a wide variety of users. However, traditional RBAC models are not designed to enforce fine-grained access control. For instance, in mobile health rec...

The traditional manual way of thesis management is increasingly satisfying the demand of thesis guidance and administrative management in the information age. To improve the traditional manual undergraduate thesis writing, guidance and administrative management process in Southwest University of China, a Role-based access control (RBAC) Workflow model for thesis management is developed. In the ...

We consider the setting of secure publishing of XML documents, in which read-only access control policies (ACPs) over static XML datasets are enforced using cryptographic keys. The role-based access control (RBAC) model provides a flexible method for specifying such policies. Extending the RBAC model to include role parameterization addresses the problem of role proliferation which can occur in...

The goal of access control is to allow only authorized users to access sensitive information. Role based access control (RBAC) is emerging as a generalized approach to security and has been shown to be applicable to a wide range of security requirements of organizations and applications [3]. Possibility of using RBAC approach to an environment with multiple policy domains further justifies the ...

Following the emergency of multi-level, complex and distributed information systems, the traditional RBAC model becomes more and more weak and incompetent. Currently, the research of RBAC model mainly focused on building a suitable role hierarchy, although played a certain effect it still have many problems. Through the research aiming at organizations and their characters, we believe that the ...

This paper gives a framework for how to leverage Lightweight Directory Access Protocol (LDAP) to implement Role-based Access Control (RBAC) on the Web in the server-pull architecture. LDAP-based directory services have recently received much attention because they can support object-oriented hierarchies of entries in which we can easily search and modify attributes over TCP/IP. To implement RBA...

Role based access control has been widely used in security critical systems. Conventional role based access control is a passive model, which makes authorization decisions on requests, and the authorization decisions contain only information about whether the corresponding requests are authorised or not. One of the potential improvements for role based access control is the augmentation of obli...