Generalized Role-Based Access Control

Mesa, AZ April 16-April 19

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICDSC.2001.918969

21st IEEE International Conference on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Matthew J. Moyer Articles by Mustaque Ahamad

	ASCII Text	x
	Matthew J. Moyer, Mustaque Ahamad, "Generalized Role-Based Access Control," Distributed Computing Systems, International Conference on, pp. 0391, 21st IEEE International Conference on Distributed Computing Systems (ICDCS'01), 2001.

	BibTex	x
	@article{ 10.1109/ICDSC.2001.918969, author = {Matthew J. Moyer and Mustaque Ahamad}, title = {Generalized Role-Based Access Control}, journal ={Distributed Computing Systems, International Conference on}, volume = {0}, year = {2001}, isbn = {0-7695-1077-9}, pages = {0391}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICDSC.2001.918969}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Distributed Computing Systems, International Conference on TI - Generalized Role-Based Access Control SN - 0-7695-1077-9 SP EP A1 - Matthew J. Moyer, A1 - Mustaque Ahamad, PY - 2001 VL - 0 JA - Distributed Computing Systems, International Conference on ER -

Matthew J. Moyer, Georgia Institute of Technology

Mustaque Ahamad, Georgia Institute of Technology

Abstract: Generalized Role-Based Access Control (GRBAC) is a new paradigm for creating and maintaining rich access control policies. GRBAC leverages and extends the power of traditional Role-Based Access Control (RBAC) by incorporating subject roles, object roles and environment roles into access control decisions. Subject roles are like traditional RBAC roles: they abstract the security-relevant characteristics of subjects into categories that can be used in defining a security policy. Similarly, object roles abstract the various properties of objects, such as object type (e.g., text, JPEG, executable) or sensitivity level (e.g., classified, top secret) into categories. Environment roles capture environmental information, such as time of day or system load, so it can be used to mediate access control. Together, these three types of roles offer flexibility and expressive power, as well as a degree of usability not found in current access control models.

Citation:

Matthew J. Moyer, Mustaque Ahamad, "Generalized Role-Based Access Control," icdcs, pp.0391, 21st IEEE International Conference on Distributed Computing Systems (ICDCS'01), 2001

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.