In role-based access control (RBAC) permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. The principal motivation behind RBAC is to simplify administration. An appealing possibility is to use RBAC itself to manage RBAC, to further provide administrative convenience. In this paper we introduce a role-based administrative...

Security of systems and management infrastructure is crucial for a successful, reliable and safe use. Most currently deployed systems are based on simple subject/object-relations where control of access happens. This has the drawback that any access decision occurs just on the behalf of the single subject accessing. In this paper we describe an extended access control model that allows to inclu...

Two security domains that want to exchange information securely may need to agree on translations of Mandatory Access Control (MAC) labels of their information, if their MAC labels have a different syntax or semantics. It is desirable that these translations do not introduce any confidentiality violations. In this paper we present a property, the Security Level Translation Property (SLTP), whic...

In this paper, we show how to model UNIX file access using a rolebased approach. A role-based access control model is presented, and its use in reflecting the existing permissions in a UNIX environment is described.

American and European Legislation for protection of medical data agree that the patient has the right to play a pivotal role in the decisions regarding the content and distribution of her/his medical records. The Role Based Access Control (RBAC) model is the most commonly used authorization model in healthcare. The first goal of this work is to review if existing models and standards provide fo...

In large enterprises subject to constant employee turnover and challenging security policies, the administration of Role-based Access Control (RBAC) is a daunting task that is often highly centralized in a small team of security administrators. The aim of this work is to determine why existing models for Administrative Role-based Access Control (ARBAC) have failed to achieve success and thus mo...

GENERALIZATION AND ENFORCEMENT OF ROLE-BASED ACCESS CONTROL USING A NOVEL EVENT-BASED APPROACH