School of Engineering - University of Connecticut
advertisement
CSE 353 Reference List (Role-based Access Control and Related Subjects) As of: 25 JAN 02 * have hard copy ** have parent document *[ACM98] Third Acm Workshop Onrole-Based Access Control, October 22-23, 1998, George Mason University. http://www.list.gmu.edu/confrnc/rbac/rbac98.html *[Ahn99a] G. Ahn, and R. Sandhu, "The RSL99 Language for Role-Based Separation Of Duty Constraints." Proceedings of The Fourth ACM Workshop On Role-Based Access Control On Role-Based Access Control, October 1999, Fairfax, VA USA, pp. 43-54. *[Ahn99b] G. Ahn and R. Sandhu, “Towards Role-Based Administration In Network Information Services”, Journal Of Network And Computer Applicaiotns, Vol. 22, 3, Nov. 1999, p. 199-213. *[Ahn00c] G. Ahn and R. Sandhu, “Role-Based Authorization Constraints Specification”, ACM Transactions on Information and System Security (TISSEC), Volume 3 , Issue 4 (November 2000) , ACM Press New York, NY, USA , Pages: 207 – 226. *[Ahn00a] G. Ahn, R. Sandhu, M. Kang, and J. Park, "Injecting RBAC to secure a Web-based workflow system.", Proceedings Of The Fifth ACM Workshop On Role-Based Access Control, July 2000, Berlin Germany, pp. 1-10. [Ahn00b] G. Ahn, “Role-Based Access Control In DCOM”, Journal Of Systems Architecture, Amsterdam; Vol. 46, No. 13, Nov 2000, pg. 1175-84. [Amme00] H. Ammerlahn, M. Goldsby, M. Johnson, D. Nicol, “A Geographically Distributed Enterprise Simulation System”, Future Generation Computer Systems, Vol. 17, 2, Oct. 2000, p. 135-46. [Ashl99] P. Ashley, B. Broom, M. Vandenwauver, “An Implementation Of A Secure Version Of NFS Including RBAC”, Information Security And Privacy, Lecture Notes In Computer Science, Vol. 1587, 1999, p. 213-27. *[Awis97] R. Awischus, “Role Based Access Control With The Security Administration Manager (SAM),” In Proceedings of The Second ACM Workshop on Role-Based Access Control, Fairfax, VA USA, November 6 - 7, 1997, pp. 61-68. [Baco01] Bacon J., Lloyd M., and Moody K.: "Translating Role-Based Access Control Policy within Context." Policy 2001, Workshop on Policies for Distributed Systems and Networks, Bristol, UK, January 2001. [Bald90] R. Baldwin, “Naming and Grouping Privileges to Simplify Security Management in Large Databases”, Proceedings of the Symposium on Security and Privacy, pp. 116-132.. IEEE Press, 1990. *[Bark95] J. Barkley, “Implementing Role-Based Access Control Using Object Technology,” In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 20. http://hissa.ncsl.nist.gov/rbac/rbacot/titlewkshp.html *[Bark97a] J. Barkley, A. Cincottta, D. Ferraiolo, S. Gavrilla, and R. Kuhn, “Role Based Access Control for the World Wide Web.” 20th National Computer Security Conference. 1997.. http://hissa.ncsl.nist.gov/rbac/rbacweb/paper.ps http://hissa.nist.gov/rbac/proj/rbac.html *[Bark97c] J. Barkley, “Comparing Simple Role Based Access Control Models and Access Control Lists,” In Proceedings of The Second ACM Workshop on RoleBased Access Control, Fairfax, VA USA, November 6 - 7, 1997, pp. 127-132. http://hissa.ncsl.nist.gov/rbac/iirf.ps [Bark98] J. Barkley, D. Kuhn, L. Rosenthal, M. Skall, and A. Cincotta, "Role Based Access Control for the Web," CALS Expo International and 21st Century Commerce 1998: Global Business Solutions for the New Millenium. [Bark98a] J. Barkley, A. Cincotta; "Managing Role/Permission Relationships Using Object Access Types"; Third ACM Workshop on Role Based Access Control; 1998. *[Bark99] J. Barkley, K. Beznosov, and J. Uppal, “Supporting Relationships In Access Control Using Role Based Access Control,” In proceedings of the fourth ACM workshop on role-based access control on Role-based access control, Fairfax, VA USA, October 28 - 29, 1999, pp. 55-65. http://www.itl.nist.gov/div897/staff/barkley/rbac-rad-to-publish.ps *[Barke01] S. Barker, A. Rosenthal, “Flexible Security Policies in SQL”, Proceedings of the 15th IFIP WG 11.3, Canada, July 2001. *[Bash01] I. Bashir, E. Serafini, and K. Wall, “Securing Network Software Applications”, Comm. of the ACM, Vol. 44, No. 2, February 2001. *[Bert96] E. Bertino, et al., “A Temporal Access Control Mechanism For Database Systems”, IEEE Trans. on Knowledge and Data Engineering, Vol. 8, No. 1, February 1996. *[Bert97] E. Bertino, E. Ferrari, V. Atluri, “Flexible Model Supporting The Specification And Enforcement Of Role-Based Authorizations In Workflow Management Systems”, Proceedings of the 1997 2nd ACM Workshop on Role-Based Access Control, p.1. 1997. *[Bert99] E. Bertino, E. Ferrari, and V. Atluri, “The Specification And Enforcement Of Authorization Constraints In Workflow Management Systems”, ACM Trans. Info. Syst. Security, Vol. 2, No. 1, February 1999. *[Bert00] E. Bertino, P. Bonatti, and E. Ferrari, "TRBAC: A Temporal Role-Based Access Control Model." Proceedings of The Fifth ACM Workshop On RoleBased Access Control, July 2000, Berlin Germany, pp. 21-30. *[Bezn99a] K. Beznosov, and Y. Deng., “A Framework For Implementing Role-Based Access Control Using CORBA Security Service,” In proceedings of the fourth ACM workshop on role-based access control on Role-based access control, Fairfax, VA USA, October 28 - 29, 1999, pp. 19-30. *[Benz99c] Beznosov, Deng, Blakley, Burt, Barkley, 1999. “A Resource Access Decision Service For CORBA-Based Distributed Systems.” ACSAC (Annual Computer Security Applications Conference). http://www.itl.nist.gov/div897/staff/barkley/acsac-paper.ps [Bona96] P. Bonatti, M. Sapino, and V. Subrahmanian. “Merging Heterogeneous Security Orderings.” In Proc. 4th European Symp. on Research in Computer Security (ESORICS 96), Rome, Italy, September 1996. [Both01] R. Botha, “Separation Of Duties For Access Control Enforcement In Workflow Environments”, IBM Systems Journal, Armonk; 2001; Vol. 40, No. 3; pg. 666,-682. [Brew89] D. Brewer and M. Nash, “The Chinese Wall Security Policy”. In the Proceedings of the Symposium for Security and Privacy, pp. 215-228. IEEE Press, 1989. *[Broo99] Brooks, K., “Migrating To Role-Based Access Control,” In proceedings of the fourth ACM workshop on role-based access control on Role-based access control, Fairfax, VA USA, October 28 - 29, 1999, pp. 71-81. [Brow99] F. Lee Brown, James DiVietri, Graciela Diaz de Villegas, and Eduardo B. Fernandez, “The Authenticator Pattern”, Procs. of PLOP’99, http://stwww.cs.uiuc.edu/~plop/plop99 [Chan00] Chandramouli, R. "Application Of XML Tools For Enterprise-Wide RBAC Implementation Tasks." Proceedings of the fifth ACM workshop on Rolebased access control, July 2000, Berlin Germany, pp. 11-18. *[Chan98] R. Chandramouli, R. Sandhu. “Role Based Access Control Features In Commercial Database Management Systems", 21st National Information Systems Security Conference, October 6-9, 1998, Crystal City, Virginia. Best Paper Award! http://csrc.nist.gov/rbac/RBAC_DBMS_Comparison.pdf *[Chen95] Chen, F. and R.S. Sandhu. “Constraints for Role-based Access Control”. In Proceedings of First ACM/NIST Role Based Access Control Workshop. 1995. Gaithersburg, Maryland, USA, ACM Press, November 30 – December 2, 1995, pp. 14. Links: http://citeseer.nj.nec.com/cache/papers2/cs/4358/http:zSzzSzwww.list.gmu.eduzSzconfrnczSzrbaczSzps_verzSzconstraint.pdf/constraints-for-role-based.pdf [Cheng00] Cheng, EC, “An Object-Oriented Organizational Model To Support Dynamic Role-Based Access Control In Electronic Commerce”, DECISION SUPPORT SYSTEMS, Vol. 29, 4, Dec. 2000, p. 357-69 [Cinc97] Cincotta, A., Ferraiolo, D. F., Gavrilla, S., and Kuhn, D. R., "Role Based Access Control for the World Wide Web," National Information Systems Security Conference, October, 1997. [Clar87] D. Clark and D. Wilson, “A Comparison of Commercial and Military Computer Security Policies”, In the Proceeding of the Symposium on Security and Privacy, pp. 184-194, IEEE Press, 1989. *[Covi00] Covington, M. J.; Moyer M. J.; Ahamad M.: “Generalized Role-Based Access Control for Securing Future Applications”. 23rd National Information Systems Security Conference, Baltimore, MD, October 2000. [Covi01] Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind K. Dev, Mustaque Ahamad and Gregory D. Abowd; “Securing Context-Aware Applications Using Environment Roles”; SACMAT 01 Proceedings of the sixth ACM; Pages 10 – 20. [Coul98] George Coulouris, Jean Dollimore, and Marcus Roberts, “Role and Task-Based Access Control in The Perdis Groupware Platform”. In W. on RoleBased Access Control, Washington DC (USA), October 1998. Pp.115-121 [Cupp96] Cuppens, Frederic; Saurel, Claire, “Specifying A Security Policy: A Case Study”, Proceedings of the 1996 9th IEEE Computer Security Foundations Workshop, CSFW, p 123., 1996. [Daws00] S. Dawson, Q. S., and P. Samarati. “Providing Security and Interoperation of Heterogeneous Systems”. Distributed and Parallel Databases, 8(1):119 145, Jan. 2000. [Dela99] Alexandre Delarue and Eduardo B. Fernandez, “Reactor-Acceptor-Connector”, Procs. of PLOP’99, http://st-www.cs.uiuc.edu/~plop/plop99 *[Demu95] Demurjian, S. A., Ting, T. C. and Hu, M. Y., “Role-based access control for object-oriented/C++ systems,” In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 19. *[Demu97] S. Demurjian and T.C. Ting, "Towards a Definitive Paradigm for Security in Object-Oriented Systems and Applications", Journal of Computer Security, Vol. 5, No. 4, 1997. *[Demu98] Demurjian, et al., “Software Architectural Alternatives for User Role-Based Security Policies”, in Database Security, XI: Status and Prospects, Lin and Qian (eds.), Chapman Hall, 1998. [Demu99] S. Demurjian, et al., "Software Agents for Role Based Security", in Database Security, XII: Status and Prospects, S. Jajodia (ed.), Kluwer, 1999. [Demu00a] S. Demurjian, et al., "Software Agents for Role Based Security”, in Research Advances in Database and Information Systems Security, V. Atluri and J. Hale (eds.), Kluwer, 2000. *[Demu00b] S.A. Demurjian, T. C. Ting, P. Barr, C. Phillips, “Role-Based Security in a Distributed Resource Environment”, in Proc. Of Fourteenth IFIP WG 11.3 Working Conference on Database Security, School, The Netherlands, August 2000. **[Demu01] S. Demurjian, T.C. Ting, C. Phillips, et. al., “A User Role-Based Security Model for a Distributed Environment”, in Research Advances in Database and Information Systems Security, J. Therrien (ed.), Kluwer, 2001. *[Denn99] Dorothy E. Denning, “The Limits of Formal Security Models”, National Computer Systems Security Award Acceptance Speech, 18 October 1999. [Didr97] Tor Didriksen; “Rule Based Database Access Control--A Practical Approach”; Proceedings of the second ACM workshop on Role-based access control, 1997, Pages 143 – 151 *[Epst95] Epstein, J. and Sandhu, R., “Netware 4 As An Example Of Role-Based Access Control,” In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 18. [Essm98] W. Essamyr, et al., “Using Role-Templates for Handling Recurring Role Structures”, in Database Security, XI: Status and Prospects, Lin/Qian (eds.), Chapman Hall, 1998. *[Fade99a] Faden, G. "RBAC In UNIX Administration." Proceedings of the fourth ACM workshop on role-based access control on Role-based access control, October 1999, Fairfax, VA USA, pp. 95-101. *[Ferr92] David Ferraiolo and Richard Kuhn. “Role-Based Access Controls”. In Proceedings of 15th NIST-NCSC National Computer Security Conference, pages 554--563, Baltimore, MD, October 13-16 1992. http://hissa.ncsl.nist.gov/rbac/paper/rbac1.html *[Ferr95a] Ferraiolo, D. Cugini, J. and Kuhn, D. R., “Role based access control: Features and motivations,” In Annual Computer Security Applications Conference, IEEE Computer Society Press, 1995. http://hissa.ncsl.nist.gov/rbac/newpaper/rbac.ps *[Ferr95b] Ferraiolo, D. F. and Kuhn, D. R., “Future Directions In Role-Based Access Control,” In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 8. [Ferr97a] D. Ferraiolo and J.F. Barkley, "Comparing Administrative Cost for Hierarchical and Non-hierarchical Role Representations," Second ACM Workshop on Role-Based Access Control, Nov 6-7, 1997. [Ferr97b] Ferraiolo, D. and Barkley, J., “Specifying And Managing Role-Based Access Control Within A Corporate Intranet,” In proceedings of the second ACM workshop on Role-based access control, Fairfax, VA USA, November 6 - 7, 1997, pp. 77-82. *[Ferr99a] D. F. Ferraiolo, J F. Barkley, and D. R Kuhn . , "A Role Based Access Control Model and Reference Implementation within a Corporate Intranet," ACM Transactions on Information and System Security, . Volume 1, Number 2:34-64, Feb 1999. http://citeseer.nj.nec.com/cache/papers2/cs/2105/http:zSzzSzhissa.ncsl.nist.govzSzrbaczSzjour-rick.pdf/ferraiolo99role.pdf *[Ferr00] David F. Ferrailo, “The Role Control Center: An Implementation of Role-based Access Control on Identity-Based Systems”, NIST White Paper, 2000. *[Ferr01] Ferraiolo, D. F., “An Argument For The Role-Based Access Control Model,” In Sixth ACM Symposium on Access control models and technologies, Chantilly, VA USA, May 3 - 4, 2001, pp. 142-143. [Ford92] Ford, Warwick, “Security Techniques For Network Management”, IEEE 1992 Network Operations and Management Symposium - NOMS '92 Part 3 (of 3), p. 680, 1992. [Fox96] A. Fox and S. Gribble, “Security on the Move: Indirect Authentication Using Kerberos”, ACM MOBICON 96, Rye, NY, 1996. [Frib97] Friberg, C. and Held, A., “Support For Discretionary Role Based Access Control In ACL-Oriented Operating Systems,” In proceedings of the second ACM workshop on Role-based access control, Fairfax, VA USA, November 6 - 7, 1997, pp. 83-94. *[Gavr98] Gavrila, S. I. and Barkley, J. F., “Formal Specification For Role Based Access Control User/Role And Role/Role Relationship Management,” In proceedings of the third ACM workshop on Role-based access control, Fairfax, VA USA, October 22 - 23, 1998, pp. 81-90. http://hissa.ncsl.nist.gov/rbac/cons.ps [Gebh00] Gebhardt, T. and Hildmann, T. "Enabling Technologies For Role Based Online Decision Engines." Proceedings of the fifth ACM workshop on Rolebased access control, July 2000, Berlin Germany, pp. 77-82. [Giuri95a] Luigi Giuri, ”Role-Based Access Control: A Natural Approach”, Proceedings of the first ACM Workshop on Role-based Access Control, November 30 - December 2, 1995, Gaithersburg, MD USA, pp.13 [Giuri95b] Luigi Giuri. “A New Model For Role-Based Access Control”. In Proceedings of 11th Annual Computer Security Application Conference, pages 249-255, New Orleans, LA, December 11-15 1995. *[Giuri96] Luigi Giuri and Pietro Iglio. “A Formal Model For Role-Based Access Control With Constraints”. In Proceedings of 9th IEEE Computer Security Foundations Workshop, pages 136--145, Kenmare, Ireland, June 1996. [Giuri97] Luigi Giuri, Pietro lglio, “Role Templates for Content-Based Access Control”, Proceedings of the second ACM workshop on Role-based access control November 6 - 7, 1997, Fairfax, VA USA, pp.153 –159. **[Giuri98] Giuri, L., “Role-based access control in Java”, in proceedings of 3rd ACM workshop on Role-Based Access Control, ACM Press, 1998 [Giuri99] Giuri, L. “Role-based access control on the Web using Java,” In proceedings of the fourth ACM workshop on role-based access control on Role-based access control, Fairfax, VA USA, October 28 - 29, 1999, pp. 11-18. [Glig95] Gligor, V., “Characteristics Of Role-Based Access Control,” In proceedings of the first ACM Workshop on Role-based Access Control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 10. *[Glig98] Virgil Gilgor, Serban Gavrila, David Ferraiolo, “ On the Formal Definition of Seperation-of-Duty Policies and Their Composition”, Proc. From the IEEE Symposium on Security and Privacy, 1998. *[Gree96] S. Greenwald, “A New Security Policy for Distributed Resource Management and Access Control”, 1996 ACM New Security Paradigms Wksp., Lake Arrowhead, CA, Sept. 1996. [Hama98] Hamada, T., “Role-Based Access Control In Telecommunication Service Management--Dynamic Role Creation And Management In TINA Service Environment,” In proceedings of the third ACM workshop on Role-based access control, Fairfax, VA USA, October 22 - 23, 1998, pp. 105-113. *[Hao99] Ruibing Hao, Kyungkoo Jun, and Dan C. Marinescu, “Bond System Security and Access Control Model”, Purdue University, 1999. [Hays00] Viviane Hays, Marc Loutrel, and Eduardo B. Fernandez, “The Object Filter and Access Control Framework”, to appear in the PloP 2000 Conference. [Hild99] Hildmann, T. and Barholdt, J., “Managing Trust Between Collaborating Companies Using Outsourced Role Based Access Control,” In proceedings of the fourth ACM workshop on role-based access control on Role-based access control, Fairfax, VA USA, October 28 - 29, 1999, pp. 105-111. [Hine00] Hine, John H.; Yao, Walt; Bacon, Jean; Moody, Ken: “An Architecture for Distributed OASIS Services” - School of Mathematical and Computing Sciences Victoria University of Wellington Computer Laboratory University of Cambridge (2000); http://citeseer.nj.nec.com/hine00architecture.html. [Hitc99] Hitchens, M, Varadharajan, V, “Issues In The Design Of A Language For Role Based Access Control”, Information And Communication Security Proceedings, Lecture Notes In Computer Science, Vol. 1726, 1999, p. 22-38. [Hu95] M.-Y. Hu, S.A. Demurjian, and T.C. Ting. “User-Role Based Security in The ADAM Object-Oriented Design And Analyses Environment”. In J. Biskup, M. Morgernstern, and C. Landwehr, editors, Database Security VIII: Status and Prospects. North-Holland, 1995. [Hwan00] Hwang, JJ, Wu, KC, Liu, DR, “Access Control With Role Attribute Certificates”, Computer Standards & Interfaces, Vol. 22, 1, Mar. 2000, p. 43-53. *[Jans98a] W.A. Jansen, "A Revised Model for Role Based Access Control” NIST-IR 6192, July 9, 1998. http://csrc.nist.gov/rbac/jansen-ir-rbac.pdf [Jans98b] W.A. Jansen, "Inheritance Properties of Role Hierarchies," 21st National Information Systems Security Conference, October 6-9, 1998, Crystal City, Virginia. *[Jeag95] Jaeger, T. and Prakash, A., “Requirements Of Role-Based Access Control For Collaborative Systems,” In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 16. [Jeag97] Jaeger, T., Giraud, F., Islam, N. and Liedtke, J., “A Role-Based Access Control Model For Protection Domain Derivation And Management,” In proceedings of the second ACM workshop on Role-based access control, Fairfax, VA USA, November 6 - 7, 1997, pp. 95-106. [Jeag99] Jaeger, T. "On The Increasing Importance Of Constraints." Proceedings of the fourth ACM workshop on role-based access control on Role-based access control, October 1999, Fairfax, VA USA, pp. 33-42. *[Jeag00] Trent Jaeger and Jonathon E. Tidswell; “Rebuttal to the NIST RBAC model proposal”; RBAC 00, Proceedings of the fifth ACM, Pages 65 – 66 [JINI] http://www.sun.com/jini/ [JINIARCH] http://www.sun.com/jini/whitepapers/architecture.html *[Josh01] James Joshi, Walid Aref, et al., “Security Models for Web-based Applications”, Communications of the ACM, Vol 44, No. 2, February 2001, pp. 33-44. *[Kand01] Savith Kandala, Ravi Sandhu, “Secure Role-Based Workflow Models”, 15th Annual IFIP WG 11.3, Canada, July 2001. *[Kemm97] R. . Kemmerer, “Security Issues in Distributed Software”, Proc. of the 6th European Conf. On Software Engineering, held jointly with the 5th ACM SIGSOFT, 1997. [Kons00] Konstantin Beznosov, “Engineering Access Control for Distributed Enterprise Applications” ,DISSERTATION ENGINEERING ACCESS CONTROL FOR DISTRIBUTED ENTERPRISE APPLICATIONS by Konstantin Beznosov Florida International University, 2000 Miami, Florida. *[Kuhn90] Kuhn, D. R., ``On the Effective Use of Software Standards in Systems Integration'', In proceedings of the First Intl. Conference on Systems Integration, IEEE Computer Society Press, 1990. [Kuhn91] Kuhn, D. R., ``IEEE's POSIX'', IEEE Spectrum, Vol. 28, No. 12, December, 1991. [Kuhn93] Kuhn, D. R., Edfors, P. N. Howard, V., Caputo, C., Phillips, T., ``Improving Public Switched Network Security in an Open Environment,'' (invited) IEEE Computer, Vol. 26, No. 8, August, 1993. [Kuhn94] Kuhn, D. R., Majurski, W. J., McCoy, W., and Schulz, F., ``Open Systems Software Standards in Concurrent Engineering,'' (invited) in Control and Dynamic Systems - Concurrent Engineering Techniques and Applications, C.T. Leondes, ed., Academic Press, 1994. *[Kuhn97] D.R.Kuhn. "Mutual Exclusion of Roles as a Means of Implementing Separation of Duty in Role Based Access Control Systems,". In proceedings of the second ACM workshop on Role-based access control, Fairfax, VA USA, November 6 - 7, 1997, pp. 23-30. http://hissa.ncsl.nist.gov/rbac/rickwkshp2.ps Links:http://citeseer.nj.nec.com/cache/papers2/cs/824/http:zSzzSzhissa.ncsl.nist.govzSzkuhnzSzacm2rbac.pdf/kuhn97mutual.pdf **[Kuhn98] Kuhn, D. R., "Role Based Access Control on MLS Systems Without Kernel Changes,"Third ACM Workshop on Role Based Access Control, October 22-23,1998., pp. 25-32. [Lair99] Robbin F. Laird and Holger H. Mey, McNair Paper 60, “The Revolution in Military Affairs: Allied Perspectives”, http://www.ndu.edu/inss/macnair/mcnair60/m60cont.html , April 1999. *[Lebk00] Lebkicher, M. "Role Based Access Control." http://www.sans.org/infosecFAQ/securitybasics/RBAC.htm, November 30, 2000. [Lin99] Lin, Along. HPL-1999-59. “Integrating Policy-Driven Role Based Access Control with the Common DataSecurity Architecture”. Bristol, U.K.: Hewlett Packard Corp.,Extended Enterprise Laboratory, April 1999. [Lin00] Lin, A, Brown, R, “The Application Of Security Policy To Role-Based Access Control And The Common Data Security Architecture”, COMPUTER COMMUNICATIONS, Vol. 23, 17, Nov. 1, 2000, p. 1584-93. [Loch88] F. H. Lochovsky and C. C. Woo, "Role-Based Security in Data Base Management Systems", in Database Security: Status and Prospects, C. Landwehr (ed.), North-Holland, 1988. *[Lupu95] Lupu, D. Marriott, M. Sloman, & N. Yialelis, "A Policy Based Role Framework for Access Control", First ACM/NIST Role Based Access Control Workshop, Gaithersburg, USA, Dec. 1995, pp11. http://citeseer.nj.nec.com/lupu95policy.html *[Lupu97a] Lupu, E. and Sloman, M., “Reconciling Role Based Management And Role Based Access Control,” In proceedings of the second ACM workshop on Role-based access control, Fairfax, VA USA, November 6 - 7, 1997, pp. 135-141. Links:http://citeseer.nj.nec.com/cache/papers2/cs/240/http:zSzzSzhypatia.dcs.qmw.ac.ukzSzdatazSzukzSzdse.doc.ic.ac.ukzSzmanagementzSzRBAC97.pdf/lupu97reconcil ing.pdf [Lupu97b] Lupu, E., and Sloman, M. (1997), "A Policy Based Role Object Model", Proc. EDOC'97, IEEE Computer Society Press. [Lupu97c] E. C. Lupu and M. S. Sloman, "Towards a Role Based Framework for Distributed Systems Management", Journal of Network and Systems Management, 5(1), Plenum Press Publishing, 1997. http://citeseer.nj.nec.com/68817.html [Marvr99] I. Marvidis, G. Pangalos and M. Khair, “EMEDAC: Role-based Access Control Supporting Discretionary and Mandatory Features”, in Database Security, XII: Status and Prospects, S. Jajodia (ed.), Kluwer, 1999. [Mass97] F. Massacci, Reasoning about Security: “A Logic and a Decision Method for Role-Based Access Control”, In Proc. Of the international Joint Conference on Qualitative and Quantitative Practical Reasoning(ECSQARU/FAPR-97), Vol. 1244 of lecture Notes in Artificial Intelligence, 421-435, 1997. Links: http://citeseer.nj.nec.com/cache/papers2/cs/3353/ftp:zSzzSzftp.dis.uniroma1.itzSzpubzSzaizSzpaperszSzmass-97-FAPR.pdf/massacci97reasoning.pdf [Mayr01] Mavridis, I., Georgiadis, C., Pangalos, G., and Khair M., “Access Control based on Attribute Certificates for Medical Intranet Applications,” Journal of Medical Internet Research, 3(1), 2001. *[McLe94] McLean J (1994) “Security Models”. Encyclopedia of Software Engineering. Wiley Press, 1994 http://citeseer.nj.nec.com/mclean94security.html [Meye97] Meyers, William J., “RBAC Emulation On Trusted DG/UX”, Proceedings of the 1997 2nd ACM Workshop on Role-Based Access Control, p55., 1997. *[Mins98] Minsky NH and Ungureanu V (1998) “Unified Support For Heterogeneous Security Policies In Distributed Systems”. 7th USENIX Security Symposium, January 1998. http://citeseer.nj.nec.com/minsky98unified.html *[Moff94] Jonathan D. Moffet. “Specification of Management Policies and Discretionary Access Control.” In Morris Sloman, editor, Network and Distributed Systems Management, pages 455--480. Chapter 17,Addison-Wesley Publishing Company, 1994. [Moff99] Moffett, J. D. and Lupu, E. C. "The Uses Of Role Hierarchies In Access Control." Proceedings of the fourth ACM workshop on role-based access control on Role-based access control, October 1999, Fairfax, VA USA, pp. 153-160. [Moha94] Mohammed, Imtiaz; Dilts, David M, “Design For Dynamic User-Role-Based Security”, Computers & Security, Amsterdam; 1994; Vol. 13, Iss. 8; pg. 661-671. [Monk00] Mönkeberg, A. and Rakete, R., “Three For One: Role-Based Access-Control Management In Rapidly Changing Heterogeneous Environments,” In proceedings of the fifth ACM workshop on Role-based access control, Berlin, Germany, July 26 - 28, 2000, pp. 83-88. [Moye01] Moyer, M.J.; Ahamad, M., “Generalized Role-Based Access Control”, 21st IEEE International Conference on Distributed Computing Systems, p391, 2001. *[Murl01] Murley, J. E. "Role-Based Administration for Windows 2000." http://www.sans.org/infosecFAQ/win2000/admin.htm, July 26, 2001 [Murr01] Murrell, Laurie, “Role-Based Access Secures E-Business”, National Underwriter (Property and Casualty Risk and Benefits Management Edition) v 105 no33 Aug 13 2001.p. 15 [Murr01a] Murrell, Laurie, “Role-Based Access Control Has Benefits For Security”, Access Control and Security Systems Integration v 44 no9 Aug 2001 supp iSecurity.p. 14-15 [Na00] Na, S. and Cheon, S. “Role Delegation In Role-Based Access Control,” In proceedings of the fifth ACM workshop on Role-based access control, Berlin, Germany, July 26 - 28, 2000, pp. 39-44. [Neum94a] Neuman, B. C., “Using Kerberos For Authentication On Computer Networks”, IEEE Communications, 32(9), 1994 *[Neum94b] C. Nueman and T. Ts’o, “An Authorization Service for Computer Networks”, Comm. of the ACM, Vol. 32, No. 9, Sept. 94. [NIST01] NIST: ROLE BASED ACCESS CONTROL This site provides access to NIST's award winning RBAC research http://csrc.nist.gov/rbac [Nota95] Notargiacomo, L., "Role-Based Access Control In ORACLE7 And Trusted ORACLE7”, In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 17. [Nyan93a] Nyanchama and S. L. Osborn. “Role-Based Security: Pros, Cons & Some Research Directions”. ACM SIGSAC Review, 2(2):11--17, June 1993. [Nyan93b] M. Nyanchama and S. L. Osborn. “Role-Based Security, Object Oriented Databases & Separation of Duty.” ACM SIGMOD RECORD, 22(4):45--51, Dec 1993. [Nyan94] Nyanchama, M., Osborn, S. (1994) ,“Access Rights Administration in Role-Based Security Systems”. Proc. IFIP WG 11.3 Database Security, 1994. In: Database Security VIII, Status and Prospects (J. Biskup, M. Morgenstern, C. E. Landwehr, Eds). North Holland (Elsevier). http://citeseer.nj.nec.com/35105.html [Nyan95a] M. Nyanchama and S. Osborn. “Access Rights Administration In Role-Based Security Systems”. In J. Biskup, M. Morgernstern, and C. Landwehr, editors, Database Security VIII: Status and Prospects, 1995. *[Nyan95b] Nyanchama & Osborn, “Modeling Mandatory Access Control in Role-Based Security Systems ”, 1995, IFIP Workshop on Database Security. http://citeseer.nj.nec.com/nyanchama95modeling.html [Oh00] Oh, Sejong; Park, Seog: “Task-Role Based Access Control (T-RBAC): An Improved Access Control Model for Enterprise Environment”. (pgs 264-273) Database and Expert Systems Applications, 11th International Conference, DEXA 2000, London, UK, September 4-8, 2000, Proceedings. Lecture Notes in Computer Science 1873 Springer 2000, ISBN 3-540-67978-2 [Oh01a] Oh, Sejong; Park, Seog: “Enterprise Model as a Basis of Administration on Role-Based Access Control”. (pgs 165-174); Proceedings of the Third International Symposium on Cooperative Database Systems and Applications, Beijing, China, April 23-24, 2001. IEEE Computer Society, 2001, ISBN 0-7695-1128-7 [Oh01b] Oh, Sejong; Park, Seog: “A Process of Abstracting T-RBAC Aspects from Enterprise Environment”. (pgs 144-145) Database Systems for Advanced Applications, Proceedings of the 7th International Conference on Database Systems for Advanced Applications (DASFAA 2001), 18-20 April 2001 - Hong Kong, China. IEEE Computer Society 2001, ISBN 0-7695-0996-7 *[Oppl97] Oppliger, R. “Internet Security: Firewalls and Beyond”, Comm. of the ACM, Vol. 40, No. 5, May 1997. [Osbo96] Osborn S, Reid L, and Wesson, G. (1996). “On The Interaction Between Role Based Access Control And Relational Databases”, Proceedings of the Tenth Annual IFIP WG 11.3 Working Conference on Database Security (Aug. 1996). http://citeseer.nj.nec.com/osborn96interaction.html *[Osbo97] Osborn, S., “Mandatory Access Control And Role-Based Access Control Revisited,” In proceedings of the second ACM workshop on Role-based access control, Fairfax, VA USA, November 6 - 7, 1997, pp. 31-40. [Osbo00a] Osborn, S. and Guo, Y. “Modeling Users In Role-Based Access Control,” In proceedings of the fifth ACM workshop on Role-based access control, Berlin, Germany, July 26 - 28, 2000, pp. 31-37. *[Osbo00b] Osborn, S. Sandhu, R. and Munawer, Q., “Configuring Role-Based Access Control To Enforce Mandatory And Discretionary Access Control Policies,” ACM Transactions on Information and System Security, volume 3, issue 2, 2000, pp. 85-106. *[Pand99] R. Pandey and B. Hashii. “Providing Fine-Grained Access Control for Java Programs.” In R. Guerraoui, editor, Proceedings ECOOP'99, LCNS 1628, pages 449--473, Lisbon, Portugal, June 1999. Springer-Verlag. *[Papa00] M. Papa, O. Bremer, R. Chandia, John Hale, and S. Shenoi, “Extending Java for Package Based Access Control”, Proc. of 16th Annual Computer Security Applications Conf.(ACSAC), December 2000. *[Park99a] J. Park, R. Sandu and S. Ghanta, “RBAC on the WEB by Secure Cookies”, in Database Security, XII: Status and Prospects, S. Jajodia (ed.), Kluwer, 1999. *[Park99b] Joon S. Park and Ravi Sandhu; “RBAC On The Web By Smart Certificates”; Proceedings of the fourth ACM workshop on role-based access control on Role-based access control, 1999, Pages 1 – 9. [Park00] Joon S. Park , Ravi Sandhu, “Secure Cookies on the Web”, to appear in IEEE Internet Computing. JulyAugust 2000. Procedings of The Fifth ACM Workshop on Role-based Access Control. Berlin, Germany, July.2000. *[Park01] Joon S. Park and Ravi Sandhu,"RBAC on the Web Using LDAP” In Proceedings of 15th IFIP WG 11.3 Working Conference on Database and Application Security, Ontario, Canada, July 15-18, 2001. *[Rama98] Ramaswamy C and Sandhu RS. (1998) “Role-Based Access Control Features In Commercial Database Management Systems”. Proceedings of 21st NIST-NCSC National Information Systems Security Conference, pages 503--511, Arlington, VA, October 5-8 1998. http://citeseer.nj.nec.com/85695.html [Reit99] M. Reiter and S. Stubblebine, “Authentication Metric Analysis and Design”, ACM Trans. On Information and System Security, Vol. 2, No. 2, May 1999. *[Rive96] R. Rivest and B. Lampson, “SDSI - A Simple Distributed Security Infrastructure”, MIT and Microsoft Co., http://theory.lcs.mit.edu/~rivest/sdsi10.ps [Roec00] Roeckle, Haio; Schimpf, Gerhard; Weidinger, Rupert, “Process-Oriented Approach For Role-Finding To Implement Role-Based Security Administration In A Large Industrial Organization”, Proceedings from the 5th ACM Workshop on Role-Based Access Control (RBAC), p103, 2000. *[Sand93] Sandhu, R.S., “Lattice-Based Access Control Models”, Computer Journal, 26:9-19, Nov. 1993 *[Sand94a] Sandhu, Ravi S.; Coyne, Edward J.; Feinstein, Hal L.; Youman, Charles E.: “Role-Based Access Control: A Multi-Dimensional View”. In: Proceedings of the 10 th Annual Computer Security Applications Conference, Orlando, FL, December 5-9, 1994, pp. 54-62. Links: http://citeseer.nj.nec.com/cache/papers2/cs/14807/http:zSzzSzwww.list.gmu.eduzSzconfrnczSzacsaczSzpdf_verzSza94rabca.pdf/sandhu94rolebased.pdf [Sand94b] Sandhu, R., Feinstein, H. "A Three Tier Architecture for Role-Based Access Control" Proc. of the 17th NIST-NCSC National Computer Security Conference, 138-149, October 1994. *[Sand94c] Ravi S. Sandu and Pierangela Samarati. “Access Control: Principles and Practice”. IEEE Communications Magazine, 32(9):40-48, September 1994. [Sand96a] Sandu, R, “Access Control: The Neglected Frontier”, INFORMATION SECURITY AND PROVACY, LECTURE NOTES IN COMPUTER SCIENCE, Vol. 1172, 1996, p. 219-27 *[Sand96b] Sandhu, R., Coyne, E.J., Feinstein, H. L., and Youman, C. E.,. “Role-Based Access Control Models”, IEEE Computer 29(2): 38-47, IEEE Press, 1996 Links: http://citeseer.nj.nec.com/cache/papers2/cs/15046/http:zSzzSzwww.list.gmu.eduzSzjournalszSzcomputerzSzpdf_verzSzi94rbac.pdf/sandhu96rolebased.pdf [Sand96c] Sandhu, R. 1996. “Role Hierarchies And Constraints For Lattice-Based Access Controls”. In Computer Security - ESORICS 96, LNCS1146 (1996), pp. 65-79. Springer Verlag 1996. [Sand97a] S.G.Ravi Sandhu, Venkata Bhamjdipati, Edward Coyne, Srinivas Ganta, and Charles Youman. “The ARBAC97 Model for Role-based Administration of Roles: Preliminary description and Outline”. In Proceedings of the Second ACM Workshop on Role-Base Access Control, Pages 41-50, Nov 1997. Link: http://citeseer.nj.nec.com/cache/papers2/cs/4358/http:zSzzSzwww.list.gmu.eduzSzconfrnczSzrbaczSzps_verzSzarbac97.pdf/sandhu97arbac.pdf [Sand97b] Sandhu RS and Samarati P (1997), "Authentication, Access Control and Intrusion Detection," The Computer Science and Engineering Handbook, CRC Press, Boca Raton, FL, 1997 http://citeseer.nj.nec.com/sandhu97authentication.html *[Sand98a] R. Sandhu and J. Park, “Decentralized User-Role Assignment for Web-based Intranets”, Proc. of the 3rd ACM Wksp. on Role-Based Access Control, Fairfax, VA, Oct, 1998. *[Sand98b] R. S. Sandhu. “Role-Based Access Control”. In M. Zerkowitz, editor, Advances in Computers, volume 48. Academic Press, 1998. Links: http://citeseer.nj.nec.com/cache/papers2/cs/3256/http:zSzzSzwww.list.gmu.eduzSzarticleszSzadvcomzSza98rbac.pdf/sandhu94rolebased.pdf [Sand98c] Ravi Sandhu and Venkata Bhamidipati. “Role-Based Administration Of User-Role Assignment: The URA97 Model And Its Oracle Implementation”. The Journal Of Computer Security, 1998. in press. http://citeseer.nj.nec.com/306841.html *[Sand98d] Sandhu, R. and Munawer, Q. 1998. “How To Do Discretionary Access Control Using Roles”. In C. Youman and T. Jaeger Eds., Proceedings of the Third ACM Workshop on Role-Based Access Control (1998), pp. 47-54. ACM Press, New York, NY. [Sand98e] Ravi Sandhu and Qamar Munawer. “The RRA97 Model For Role-Based Administration Of Role Hierarchies”. In Proceedings of 13th Annual Computer Security Application Conference, Scotsdale, AZ, December 7-11 1998. http://citeseer.nj.nec.com/sandhu98rra.html **[Sand98f] Ravi Sandhu, “Role Activation Hierarchies”, in Proceedings of the Third ACM Workshop on Role-Based Access Control, ACM, October 1998. http://citeseer.nj.nec.com/135271.html. *[Sand99] Ravi Sandhu, Venkata Bhamidipati and Qamar Munawer; “The ARBAC97 Model For Role-Based Administration Of Roles”; Trans. Inf. Syst. Secur. 2, 1 (Feb. 1999), Pages 105 – 135. *[Sand99a] Sandu, Munawer, “The ARBAC99 Model for Administrative Roles”, 15th Annual Conputer Security Applications Conference, December 1999, Phoenix, AZ. [Sand00a] Sandhu, R. "Engineering Authority And Trust In Cyberspace: The OM-AM And RBAC Way." Proceedings of the fifth ACM workshop on Rolebased access control, July 2000, Berlin Germany, pp. 111-119. *[Sand00b] Sandhu, R., Ferraiolo, D., and Kuhn, R. “The NIST Model For Role-Based Access Control: Towards A Unified Standard,” In proceedings of the fifth ACM workshop on Role-based access control, Berlin, Germany, July 26 - 28, 2000, pp. 47-63. **[Scha01] Schaad, A., Moffett, J., and Jacob, J., “The Role-Based Access Control System Of A European Bank: A Case Study And Discussion,” In Sixth ACM Symposium on Access control models and technologies, Chantilly, VA USA, May 3 - 4, 2001, pp. 3-9. *[Schi98] Kathrin Schier, “Multifunctional Smartcards for Electronic Commerce – Applications of the Role and Task Based Security Model”, 14th Annual Computer Security Applications Conference, AZ, USA, December 7-11, 1998,. *[Schn00] Fred B. Schneider, “Enforcable Security Policies”, ACM Transactions on Information and System Security, Vol. 3, No.1, February 200, pp 30-50. [Shen00] Shen, VRL, “Improvement Of A Multi-Role-Based Access Control Policy”, IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, Vol. E83A, 7, Jul. 2000, p. 1483-5 *[Simo97] Simon, R. and Zurko, M. E., “Separation Of Duty In Role-Based Environments,” Proceedings of the 10th Computer Security Foundations Workshop (CSFW '97), pages 183-194, Rockport, Massachusetts, June 1997. *[Smar98] Smarkusky, Demurjian, Bastarrica, Ting, “Security Capabilities and Potentials of Java”, White Paper, University of Connecticut, 1998. [Solm94] Solms, S. H., VanderMerve I., “The Management Of Computer Security Profiles Using A Role-Oriented Approach”, Computers and security, 1994 [Sosh97] M. Soshi and M. Maekawa, “The Saga Security System: A Security Architecture For Open Distributed Systems”, Proc. of 6th IEEE Workshop on Future Trends of Distributed Computing Systems (FTDCS '97), Tunis, Tunisia, 1997. [Spoo89] D. Spooner, "The Impact Of Inheritance On Security In Object-Oriented Database Systems", in Database Security, II: Status and Prospects, C. Landwehr (ed.), North-Holland, 1989. [Spoo96] Spooner, S. Demurjian, and J. Dobson Eds., Proceedings of the IFIP WG 11.3 Ninth Annual Working Conference on Database Security (1996), pp. 129-144. Chapman & Hall. [Ster92] Sterne, D. F., “A Tcb Subset For Integrity And Role-Based Access Control,” In 15th National Computer Security Conference, NIST/NSA, 1992. *[Swif01] Swift, Brundrett, Van Dyke, Garg, “Improving the Granularity of Access Control in Windows NT” , 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), 3-4 May 2001, pp.87-96. *[Tan01] Wee Yeh Tan, “Constraints-based Access Control”, 15th Annual IFIP WG 11.3, Canada, July 2001. [Tari97] Tari, Z. and Chan, S. W., "A Role-Based Access Control for Intranet Security," IEEE Internet Computing, Vol. 1, No. 5, 1997, pp. 24--34. *[Tezu00] S. Tezuka, et al., “Seamless Object Authentication in Different Security Policy Domains”, Proc. of 33rd Hawaii Intl. Conf. on System Sciences, January 2000. [Thom95] Thomas, R., “Role-based access control and distributed object-based enterprise computing,” In proceedings of the first ACM Workshop on Role-based access control, Gaithersburg, MD USA, November 30 - December 2, 1995, pp. 21. *[Thom97] Thomas, R. K.; “Team-Based Access Control (TMAC): A Primitive For Applying Role-Based Access Controls In Collaborative Environments”. In Second ACM Workshop on Role-Based Access Control, pages 13-19, Fairfax, Virginia, November 1997. *[Thom98] D. Thomsen, R. O’Brein, J. Bogle, “Role-Based Access Control Framework for Network Enterprises”, Proc. of 14th Annual Computer Security Applications Conf.(ACSAC),, December 1998. *[Thur89] M.B. Thuraisingham, “Mandatory Security in Object-Oriented Database Systems”, OOPSLA ’89 Proceedings, October 1989, pp. 203-210. [Tids99] Tidswell, J. E., Outhred, G. H. and Potter, J. M. "Dynamic Rights: Safe Extensible Access Control." Proceedings of the fourth ACM workshop on rolebased access control on Role-based access control, October 1999, Fairfax, VA USA, pp. 113-120. [Ting87] T.C. Ting, “ A Role-Based Data Security Approach”, in Database Security: Status and Prospects, edited by C.E.Landwehr, North-holland, 1987. [Vand] Vandenwauver, M., Govaerts, R., and Vandewalle, J., “How Role Based Access Control Is Implemented In SESAME,” [Vino97] S. Vinoski, “Corba: Integrating Diverse Applications Within Distributed Heterogeneous Environments”, IEEE Communications Magazine, Vol. 14, No. 2, Feb. 1997. [Vons94] Von Solms, S. H. and Van der Merve, T., “The Management Of Computer Security Profiles Using A Role Oriented Approach,” Computers and Security, 13(8), 1994, pp. 673-680. [Wald99] J. Waldo, “The JINI Architecture for Network-Centric Computing”, Communications of the ACM, Vol. 42, No. 7, July 1999. [Wall94] Wallace, D.R., Kuhn, D. R., Ippolito, L. M., and Beltracchi, L., ``Standards for High Integrity Software,'' Nuclear Safety, vol. 35, no. 1, Jan - June, 1994. *[Wals98] Walsh, T., Paciorek, N., and Wong, D. “Security and Reliability in Concordia”, Proc. of the 31st Hawaii Intl. Conf. on System Sciences (HICSS'98), 1998. [Wang99] W. Wang. “Team-And-Role-Based Organizational Context And Access Control For Cooperative Hypermedia Environments”. In ACM Hypertext'99, February 1999. [Wong97] Wong, Raymond K., “RBAC Support In Object-Oriented Role Databases”, Proceedings of the 1997 2nd ACM Workshop on Role-Based Access Control, p109, 1997. *[Wulf96], W. Wulf, et al., “A New Model Of Security For Distributed Systems”, 1996 ACM New Security Paradigms Workshop, Lake Arrowhead, California, Sept. 1996. (LEGION) *[Yao01] Yao, W., Moody, K., and Bacon, J., “A Model Of OASIS Role-Based Access Control And Its Support For Active Security,” In Sixth ACM Symposium on Access control models and technologies, Chantilly, VA USA, May 3 - 4, 2001, pp. 171-181. *[Yial96] Yialelis, N., Lupi, E., and Sloman, M. “Role-based Security for Distributed Object Systems”. In Proceedings of the 5th IEEE Workshops on Enabling Technologies: Infrustructure for Collaborative Enterprises(WET ICE ’96), pp 80-85. Links: http://citeseer.nj.nec.com/cache/papers2/cs/241/http:zSzzSzhypatia.dcs.qmw.ac.ukzSzdatazSzukzSzdse.doc.ic.ac.ukzSzmanagementzSzWET-ICEC.pdf/yialelis96rolebased.pdf [Youm96] Charles E. Youman; “RBAC Transition”; Proceedings of the first ACM Workshop on Role-based access control, 1996, Page 5 [Zdon90] S. Zdonik and D. Maier, “Fundamentals of Object-Oriented Databases”, in Readings in Object-Oriented Database Systems, Morgan Kaufmann, San Mateo, CA, 1990. [Zhan99] Zhang, Z., Haffner, E., Heuer, A., Engel, T. and Meinel, Ch., ”Role-Based Access Control In Online Authoring And Publishing Systems Vs. Document Hierarchy,” In proceedings on the seventeenth annual international conference on Computer documentation, New Orleans, LA USA, September 12 - 14, 1999, pp. 193-198. *[Zurk96] M.E. Zurko and R.T. Simon. "User Centered Security." Proc. New Security Paradigms Workshop, September 1996. The following papers are not complete. HongHai Shen and Prasun Dewan, “Access Control for Collaborative Environments” Luigi Giuri, Fondazione Ugo Bordoni, “Role-Based Access Control on the Web Using JavaTM” Matunda Nyanchama and SYLVIA OSBORN, “The Role Graph Model and Conflict of Interest” SangYeob Na, SuhHyun Cheon, ”Role Delegation in Role-Based Access Control” Thomas Riechmann, “Meta Objects for Access Control: A Formal Model for Role-Based Principals”
