We describe access control mechanisms of the Common Object Request Broker Architecture (CORBA) and define a configuration of the CORBA protection system in more precise and less ambiguous language than the CORBA Security specification (CORBASec). Using the configuration definition, we suggest an algorithm that formally specifies the semantics of authorization decisions in CORBA. We analyze supp...

Role based access control (RBAC) allows users access to resources based on their competencies and responsibilities within an organization. Typically, RBAC is provided as a security mechanism for a single host at the operating system level. This allows the operating system to ensure that authenticated users have access to resources based on their assigned roles. RBAC is more challenging in peer-...

This article introduces a family of reference models for rolebased access control (RBAC) in which permissions are associated with roles, and users are made members of appropriate roles. This greatly simpli es management of permissions. Roles are closely related to the concept of user groups in access control. However, a role brings together a set of users on one side and a set of permissions on...

....................................................................................................................................................................2 Introduction................................................................................................................................................................2 Role Based Access Control Review ...........................

In most cases authors are permitted to post their version of the article (e.g. in Word or Tex form) to their personal website or institutional repository. Authors requiring further information regarding Elsevier's archiving and manuscript policies are encouraged to visit: a b s t r a c t a r t i c l e i n f o We analyze access control mechanisms of the COM+ architecture and define a configurati...

In the context of role-based access control (RBAC), mining approaches, such as role mining or organizational mining, can be applied to derive permissions and roles from a system’s configuration or from log files. In this way, mining techniques document the current state of a system and produce current-state RBAC models. However, such current-state RBAC models most often follow from structures t...

In role-based access control (RBAC) permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. The principal motivation behind RBAC is to simplify administration. An appealing possibility is to use RBAC itself to manage RBAC, to further provide administrative convenience. In this paper we introduce a role-based administrative...

Role-based access control (RBAC) is a common paradigm to ensure that users have sufficient rights to perform various system operations. In many cases though, traditional RBAC does not easily express application-level security requirements. For instance, in a medical records system it is difficult to express that doctors should only update the records of their own patients. Further, traditional ...

We analyze access control mechanisms of the Enterprise Java Beans (EJB) architecture and define a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. Using this configuration, we suggest an algorithm that formally specifies the semantics of authorization decisions in EJB. We analyze the level of support for the American National St...

The basic concept of role-based access control (RBAC) is that permissions are associated with roles and users are made members of appropriate roles thereby acquiring the roles' permissions. Using RBAC to manage RBAC provides additional convenience. The administration of RBAC can be divided into three main categories namely, user-role assignment, permission-role assignment and role-role assignme...