A nurse who claims her 'excessive pillow plumping' led to an unfair police record has won a landmark court ruling.

Role based access control (RBAC) is attracting increasing attention as a security mechanism for both commercial and many military systems. Much of RBAC is fundamentally diierent from multi-level security (MLS) systems, and the properties of RBAC systems have not been explored formally to the extent that MLS system properties have. This paper explores some aspects of mutual exclusion of roles as...

Due to the correspondence between the role abstraction in Role-based Access Control (RBAC) and the notion of organizational positions, it seems easy to construct role hierarchies. This is, however, a misconception. This paper argues that, in order to reflect the functional requirements, a role hierarchy becomes very complex. In a bid to simplify the design of role hierarchies suitable for the e...

regarding the ecommerce growth, websites play an essential role in business success. therefore, many authors have offered website evaluation models since 1995. although, the multiplicity and diversity of evaluation models make it difficult to integrate them into a single comprehensive model. in this paper a quantitative method has been used to integrate previous models into a comprehensive mode...

A Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC’s language constructs allow one to specify various temporal constraints on role, userrole assignments and role-permission assignments. However, the presence of temporal constraints on role enablings and role activation...

This paper focused on two aspects of access control: graphical representation and reasoning. Access control policies describe which operations on resources are granted to users. Role-based access control is the model which introduces the concept of role to design user’ permissions. Actually, there is a lack of tools allowing security officers to describe and reason on their policies graphically...

Security concerned users and organizations must be provided with the means to protect and control access to object-oriented software, especially with an exploding interest in designing/developing object-oriented software in Java, C++, and Ada95. Our user-role based security (URBS) approach has emphasized: a customizable public interface that appears di erently at di erent times for speci c user...

Access Control is an important mechanism of information security. Role-Based Access Control is a famous access control approach with good flexibility. RBAC96 and ARBAC97 are classical RBAC models. The ARBAC97 model facilitates decentralized administration of RBAC. However, ARBAC97 has some shortcomings in the case of being used in an organization with autonomous subsidiaries. The member of an a...

RBAC model is renowned as a security model for corporate environment, since its components, especially role hierarchy, are suitable for modeling an organization structure. But the functional role hierarchy constructed through the existing role engineering approaches does not reflect an organization structure, because they do not take the structural characteristics of the organization into accou...

In this paper, we present an enhanced use of RBAC features in articulating a security policy for access control in medical database systems. The main advantage of this implementation is that it supports both MAC and DAC features at the same time; a feature that has been proved to be necessary in healthcare environments. The eMEDAC security policy that results from the above implementation provi...