Abstract
A language for specifying role-based access control (RBAC) policies is presented. The language is designed to support the range of access control policies of commercial object systems. The basic structures of RBAC, such as role, users and permission, are present in the language as basic constructs. The language is flexible and is able to capture meta-level operations. The language also provides a mechanism for tracking actions and basing access control decisions on past events.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35515-3_53
Chapter PDF
Similar content being viewed by others
References
R.Sandhu, E.J.Coyne, H.L.Feinstein, “Role based Access Control Models”, IEEE Computer, Vol. 29, no. 2, Feb.1996, pp. 38–47.
D.Ferraiolo, R.Kuhn, “Role based Access Controls”, 15th NIST-NCSC National Computer Security Conference, Oct. 1992, USA.
Object Management Group (OMG): Security Services in Common Object Request Broker Architecture, 1996.
S.Jajodia, P.Smarati, V.Subrahmanian, “A Logical Language for Expressing Authorizations”, IEEE Proceedings on Security and Information Privacy, 1997.
R. Sandhu, E. Coyne, H. Feinstein & C. Youman, “Role-Based Access Control: A Multi-Dimensional View”, 10th Annual Computer Security Applications Conference, 1994, IEEE CS Press, pp. 54–61.
B. Hilchenbach, “Observations on the Real-World Implementation of Role-Based Access Control”, National Information Systems Security Conference, 1997, pp. 341–52.
V.Varadharajan, C.Crall, J.Pato, “Authorization for Enterprise wide Distributed Systems: Design and Application”, IEEE Computer Security Applications Conference, ACSAC’98, 1998.
M. Zurko, R. Simon & T. Sanfilippo, “A user-Centered, Modular Authorization Service Built on an RBAC Foundation”, IEEE Symposium on Security and Privacy, 1999.
Object Management Group (OMG), “CORBAservices: Common Object Services Specification”, OMG Document 97–07–04.
M. Hitchens & V. Varadharajan, “Issues in the Design of a Language for Role Based Access Control”, ICICS’99, pp. 22–38.
M. Hitchens & V. Varadharajan, “Tower: a Language for Role Based Access Control”, submitted for publication.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hitchens, M., Varadharajan, V. (2000). Elements of A Language for Role-Based Access Control. In: Qing, S., Eloff, J.H.P. (eds) Information Security for Global Information Infrastructures. SEC 2000. IFIP — The International Federation for Information Processing, vol 47. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35515-3_38
Download citation
DOI: https://doi.org/10.1007/978-0-387-35515-3_38
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5479-7
Online ISBN: 978-0-387-35515-3
eBook Packages: Springer Book Archive