Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...

The new concept of Immunogenic Cell Death (ICD), associated with Damage Associated Molecular Patterns (DAMPs) exposure and/or release, is recently becoming very appealing in cancer treatment. In this context, PhotoDynamic Therapy (PDT) can give rise to ICD and to immune response upon dead cells removal. The list of PhotoSensitizers (PSs) able to induce ICD is still short and includes Photofrin,...

Role-Based Access Control (RBAC) has been widely used for expressing access control policies. Administrative Role-Based Access Control (ARBAC) specifies how an RBAC policy may be changed by each administrator. Because sequences of changes by different administrators may interact in unintended ways, it is often difficult to fully understand the effect of an ARBAC policy by simple inspection. Thi...

A workflow-based RBAC model for web services (WFRBAC4WS) has been proposed in this paper. The model organizes web services in different autonomous domains through workflow mechanism, and maps RBAC model to tasks of workflow model. The paper details the authorization procedure of WFRBAC4WS model, the lifetime management, the extension of authorization constraint and the formal descriptions of th...

Significant research has been done in the area of Role Based Access Control [RBAC]. Within this research there has been a thread of work focusing on adding parameters to the role and permissions within RBAC. The primary benefit of parameter support in RBAC comes in the form of a significant increase in specificity in how permissions may be granted. This paper focuses on implementing a parameter...

The access specification language RASP extends traditional role-based access control (RBAC) concepts to provide greater expressive power often required for fine-grained access control in sensitive information systems. Existing formal models of RBAC are not sufficient to describe these extensions. In this paper, we define a new model for RBAC which formalizes the RASP concepts of controlled role...

Role-based access control (RBAC) has recently received a lot of attention due to its exibility, expressive power and simplicity in administration. In RBAC permissions are associated with roles and users are made members of roles thereby acquiring the associated permissions. Centralized management of RBAC in large systems is a tedious and costly task. An appealing possibility is to use RBAC itse...

Role-based access control (RBAC) is a powerful means for laying out and developing higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that express such organizational policies. While RBAC has generated a great interest in the security community, organizations stil...

This material is based upon work supported by the Department of Commerce under contract number 50-DKNB-5-00188. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the Department of Commerce. There is a recognized need for a more robust method of performing security controls in computer net...