Changes between Version 25 and Version 26 of Internal/Rbac/RbacResources


Ignore:
Timestamp:
Sep 8, 2006, 4:59:23 PM (18 years ago)
Author:
hedinger
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Internal/Rbac/RbacResources

    v25 v26  
    6363  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p191-bertino.pdf BBF01]] Elisa Bertino, Piero Andrea Bonatti, and Elena Ferrari. TRBAC: A Temporal Role-Based Access Control Model. ''ACM Trans. Inf. Syst. Secur.'', 4(3):191--233, 2001.
    6464
     65  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00485637.pdf BBFS96]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. A Temporal Access Control Mechanism for Database Systems. ''IEEE Transactions on Knowledge and Data Engineering'', 8(1):67--80, 1996.
     66
     67  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/bertino97decentralized.pdf BBFS97]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. Decentralized administration for a temporal access control model. ''Inf. Syst.'', 22(4):223--248, 1997.
     68
     69  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p231-bertino.pdf BBFS98]] Elisa Bertino, Claudio Bettini, Elena Ferrari, and Pierangela Samarati. An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ''ACM Trans. Database Syst.'', 23(3):231--285, 1998.
     70
    6571  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01314738.pdf BBG05]] Rafae Bhatti, Elisa Bertino, and Arif Ghafoor. A Trust-Based Context-Aware Access Control Model for Web-Services. ''Distrib. Parallel Databases'', 18(1):83--105, 2005.
    6672
    6773  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CACM_Accepted.pdf BBG06]] Rafae Bhatti, Elisa Bertino, and Arif Ghafoor. An Integrated Approach to Federated Identity and Privilege Management in Open Systems. ''Communications of the ACM'', 2006. Accepted for publication.
    6874
     75  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p126-bertino.pdf BBS94]] Elisa Bertino, Claudio Bettini, and Pierangela Samarati. A Temporal Authorization Model. In ''CCS '94: Proceedings of the 2nd ACM Conference on Computer and communications security'', pages 126--135, New York, NY, USA, 1994. ACM Press.
     76
    6977  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p71-bertino.pdf BCFP03]] Elisa Bertino, Barbara Catania, Elena Ferrari, and Paolo Perlasca. A Logical Framework for Reasoning about Access Control Models. ''ACM Trans. Inf. Syst. Secur.'', 6(1):71--127, 2003.
    7078
     
    111119  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01377247.pdf BS04]] Ezedin Barka and Ravi S. Sandhu. Role-Based Delegation Model/Hierarchical Roles (RBDM1). In ''20th Annual Computer Security Applications Conference'', pages 396--404, Washington, DC, USA, December 2004. IEEE Computer Society.
    112120
     121  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01416861.pdf BS05]] Elisa Bertino and Ravi Sandhu. Database Security - Concepts, Approaches, and Challenges. ''IEEE Transactions on Dependable and Secure Computing'', 2(1):2--19, 2005.
     122
    113123  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p388-bhatti.pdf BSBE05]] Rafae Bhatti, Basit Shafiq, Elisa Bertino, Arif Ghafoor, and James B. D. Joshi. X-GTRBAC Admin: A Decentralized Administration Model for Enterprise-Wide Access Control. ''ACM Trans. Inf. Syst. Secur.'', 8(4):388--423, 2005.
    114124
     
    129139  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/access_validate.pdf Cha03]] Ramaswamy Chandramouli. Specification and Validation of Enterprise Access Control Data for Conformance to Model and Policy Constraints. In ''World Multiconference on Systems, Cybernetics and Informatics, July 27-30, 2003'', July 2003.
    130140
     141  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2143.pdf Cho05]] Shih-Chien Chou. An RBAC-Based Access Control Model for Object-Oriented Systems Offering Dynamic Aspect Features. ''IEICE Trans Inf Syst'', E88-D(9):2143--2147, 2005.
     142
    131143  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01506523.pdf CJ05]] Suroop Mohan Chandran and James B. D. Joshi. Towards Administration of a Hybrid Role Hierarchy. In ''2005 IEEE International Conference on Information Reuse and Integration'', pages 500--505, Washington, DC, USA, August 2005. IEEE Computer Society.
    132144
    133   [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p6-crampton.pdf CL01]] Jason Crampton and George Loizou. Authorisation and Antichains. ''SIGOPS Oper. Syst. Rev.'', 35(3):6--15, 2001.
     145  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fulltext.pdf CL01a]] Jan Chomicki and Jorge Lobo. Monitors for History-Based Policies. In ''POLICY '01: Proceedings of the International Workshop on Policies for Distributed Systems and Networks'', pages 57--72, London, UK, 2001. Springer-Verlag.
     146
     147  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p6-crampton.pdf CL01b]] Jason Crampton and George Loizou. Authorisation and Antichains. ''SIGOPS Oper. Syst. Rev.'', 35(3):6--15, 2001.
    134148
    135149  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p201-crampton.pdf CL03]] Jason Crampton and George Loizou. Administrative Scope: A Foundation for Role-Based Administrative Models. ''ACM Trans. Inf. Syst. Secur.'', 6(2):201--231, 2003.
     
    169183  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/risk-tbac-itrust05.pdf DBIM05]] Nathan Dimmock, Jean Bacon, David Ingram, and Ken Moody. Risk Models for Trust-Based Access Control (TBAC). In ''iTrust 2005'', pages 364--371. University of Cambridge, 2005.
    170184
     185  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01357945.pdf DBTS04]] Michael Drouineaud, Maksym Bortin, Paolo Torrini, and Karsten Sohr. A first step towards formal verification of security policy properties for RBAC. In ''QSIC '04: Proceedings of the Fourth International Conference on Quality Software'', pages 60--67, Washington, DC, USA, 2004. IEEE Computer Society.
     186
    171187  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/tcsec-dod85.pdf Def85]] Department of Defense. ''Department of Defense Trusted Computer System Evaluation Criteria''. United States Government Printing Office, December 1985. DOD 5200.28-STD (The Orange Book).
    172188
     189  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p236-denning.pdf Den76]] Dorothy E. Denning. A Lattice Model of Secure Information Flow. ''Commun. ACM'', 19(5):236--243, 1976.
     190
    173191  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/cts2006-oce-dynamic-access-control-05.pdf DGTE06]] Yuri Demchenko, Leon Gommans, Andrew Tokmakoff, Rene van Buuren, and Cees de Laut. Policy Based Access Control in Dynamic Grid-based Collaborative Environment. In ''International Symposium on Collaborative Technologies and Systems CTS 2006'', pages 64--73. University of Amsterdam, May 2006.
    174192
     
    257275  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01541190.pdf HPN05]] Zhijun He, Tuan Phan, and Thu D. Nguyen. Enforcing Enterprise-Wide Policies Over Standard Client-Server Interactions. In ''SRDS '05: Proceedings of the 24th IEEE Symposium on Reliable Distributed Systems (SRDS'05)'', pages 119--131, Washington, DC, USA, 2005. IEEE Computer Society.
    258276
     277  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p461-harrison.pdf HRU76]] Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems. ''Commun. ACM'', 19(8):461--471, 1976.
     278
    259279  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01265212.pdf Hun04]] Patrick C. K. Hung. From Conflict of Interest to Separation of Duties in WS-Policy for Web Services Matchmaking Process. In ''Proceedings of the 37th Annual Hawaii International Conference on System Sciences'', pages 1--10, January 2004.
    260280
     
    271291  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01355921.pdf JBBG04]] James B. D. Joshi, Rafae Bhatti, Elisa Bertino, and Arif Ghafoor. Access-Control Language for Multidomain Environments. ''IEEE Internet Computing'', 8(6):40--50, 2004.
    272292
     293  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01453534.pdf JBG05]] James B. D. Joshi, Elisa Bertino, and Arif Ghafoor. An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model. ''IEEE Transactions on Dependable and Secure Computing'', 2(2):157--175, 2005.
     294
    273295  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01363762.pdf JBLG05]] James B. D. Joshi, Elisa Bertino, Usman Latif, and Arif Ghafoor. A Generalized Temporal Role-Based Access Control Model. ''IEEE Transactions on Knowledge and Data Engineering'', 17(1):4--23, 2005.
    274296
     
    313335  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00800059.pdf LN99]] !HyungHyo Lee and !BongNam Noh. An Integrity Enforcement Application Design and Operation Framework in Role-Based Access Control Systems: A Session-Oriented Approach. In ''Proceedings of the 1999 International Workshop on Parallel Processing'', pages 179--184, Washington, DC, USA, September 1999. IEEE Computer Society.
    314336
     337  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p25-lorch.pdf LPLE03]] Markus Lorch, Seth Proctor, Rebekah Lepro, Dennis Kafura, and Sumit Shah. First Experiences Using XACML for Access Control in Distributed Systems. In ''XMLSEC '03: Proceedings of the 2003 ACM workshop on XML security'', pages 25--37, New York, NY, USA, 2003. ACM Press.
     338
    315339  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01552918.pdf LSQ05]] Qi Li, Jingpu Shi, and Sihan Qing. An Administration Model of DRBAC on the Web. In ''2005 IEEE International Conference on e-Business Engineering (ICEBE 2005)'', pages 364--367, Washington, DC, USA, October 2005. IEEE Computer Society.
    316340
     
    325349  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01214883.pdf MDS03]] Till Mossakowski, Michael Drouineaud, and Karsten Sohr. A Temporal-Logic Extension of Role-Based Access Control Covering Dynamic Separation of Duties. In ''Proceedings of the Fourth International Conference on Temporal Logic and 10th International Symposium on Temporal Representation and Reasoning'', pages 83--90, Washington, DC, USA, July 2003. IEEE Computer Society.
    326350
     351  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01229859.pdf MF03]] Gustavo H. M. B. Motta and Sergio S. Furuie. A Contextual Role-Based Access Control Authorization Model for Electronic Patient Record. ''IEEE Transactions on Information Technology in Biomedicine'', 7(3):202--207, September 2003.
     352
    327353  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/moffett99uses.pdf ML99]] Jonathan D. Moffett and Emil Lupu. The Uses of Role Hierarchies in Access Control. In ''ACM Workshop on Role-Based Access Control'', pages 153--160, 1999.
    328354
     
    337363  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p45-nyanchama.pdf NO93]] Matunda Nyanchama and Sylvia Osborn. Role-Based Security, Object Oriented Databases and Separation of Duty. ''SIGMOD Rec.'', 22(4):45--51, 1993.
    338364
     365  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-nyanchama.pdf NO99]] Matunda Nyanchama and Sylvia Osborn. The Role Graph Model and Conflict of Interest. ''ACM Trans. Inf. Syst. Secur.'', 2(1):3--33, 1999.
     366
    339367  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/conundrums.pdf NP90]] Michael J. Nash and Keith R. Poland. Some Conundrums Concerning Separation of Duty. In ''IEEE Computer Society Symposium on Research in Security and Privacy'', pages 201--207, Washington, DC, USA, May 1990. IEEE Computer Society.
    340368
     
    369397  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/i01-kluwer01-jpark.pdf PAS01]] Joon S. Park, Gail-Joon Ahn, and Ravi S. Sandhu. Role-Based Access Control on the Web Using LDAP. In ''Proceeding of the 15th IFIP WG 11.3 Working Conference on Database and Application Security'', pages 19--30, 2001.
    370398
     399  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/JP_004.pdf PBE01]] Stephen Perelson, Reinhardt Botha, and Jan Eloff. Separation of Duty Administration. ''SACJ/SART'', 27(1):64--70, 2001.
     400
    371401  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p163-park.pdf PCND04]] Joon S. Park, Keith P. Costello, Teresa M. Neven, and Josh A. Diosomito. A Composite RBAC Approach for Large, Complex Organizations. In ''SACMAT '04: Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies'', pages 163--172, New York, NY, USA, 2004. ACM Press.
    372402
     
    377407  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01566202.pdf PM05]] Aneta Poniszewska-Maranda. Role Engineering of Information System Using Extended RBAC Model. In ''WETICE '05: Proceedings of the 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise'', pages 154--159, Washington, DC, USA, 2005. IEEE Computer Society.
    378408
     409  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01632009.pdf PMC06]] Anil L. Pereira, Vineela Muppavarapu, and Soon M. Chung. Role-Based Access Control for Grid Database Services Using the Community Authorization Service. ''IEEE Transactions on Dependable and Secure Computing'', 3(2):156--166, 2006.
     410
     411  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/Pavlich-IFIP05.pdf PMDME05]] Jaime A. Pavlich-Mariscal, Thuong Doan, Laurent Michel, Steven A. Demurjian, and T. C. Ting. Role Slices: A Notation for RBAC Permission Assignment and Enforcement. In S. Jojodia, editor, ''Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security'', volume 3654 of ''Lecture Notes in Computer Science'', pages 40--53, Berlin / Heidelberg, August 2005. Springer.
     412
     413  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/rbacaspect.pdf PMMD05]] Jaime Pavlich-Mariscal, Laurent Michel, and Steven Demurjian. ''A Formal Enforcement Framework for Role-Based Access Control Using Aspect-Oriented Programming'', volume 3713 of ''Lecture Notes in Computer Science'', pages 537--552. Springer, Berlin / Heidelberg, 2005.
     414
     415  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p236-popek.pdf Pop73]] Gerald J. Popek. Correctness in Access Control. In ''ACM'73: Proceedings of the Annual Conference'', pages 236--241, New York, NY, USA, 1973. ACM Press.
     416
    379417  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1-park.pdf PS99a]] Joon S. Park and Ravi S. Sandhu. RBAC on the Web by Smart Certificates. In ''RBAC '99: Proceedings of the Fourth ACM Workshop on Role-Based Access Control'', pages 1--9, New York, NY, USA, 1999. ACM Press.
    380418
     
    397435  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p87-phillips.pdf PTD02]] Charles E. Phillips, Jr., T.C. Ting, and Steven A. Demurjian. Information Sharing and Security in Dynamic Coalitions. In ''SACMAT '02: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies'', pages 87--96, New York, NY, USA, 2002. ACM Press.
    398436
     437  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/IFIP04-mutability.pdf PZS04]] Jaehong Park, Xinwen Zhang, and Ravi S. Sandhu. Attribute Mutability in Usage Control. In Csilla Farkas and Pierangela Samarati, editors, ''Proceedings of the Eighteenth Annual Conference on Data and Applications Security, Research Directions in Data and Applications Security XVIII, IFIP TC11/WG 11.3'', pages 15--29. Kluwer, July 2004.
     438
    399439  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/report02-1.pdf Res02]] Research Triangle Institute. The Economic Impact of Role Based Access Control. Technical Report Planning Report 02-01, NIST, 2002.
    400440
     441  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01233707.pdf RNKZ03]] Tatyana Ryutov, Clifford Neuman, Dongho Kim, and Li Zhou. Integrated Access Control and Intrusion Detection for Web Servers. ''IEEE Transactions on Parallel and Distributed Systems'', 14(9):841--850, September 2003.
     442
    401443  [[http://cuddletech.com/blog/pivot/entry.php?id=362 Roc03]] Ben Rockwood. Using RBAC on (Open)Solaris, September 2003.
    402444
     
    409451  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/dotstar.pdf S06]] Ifti S. Implementing RBAC on .Net. developer dot star web site, May 2006. http://www.developerdotstar.com/community/node/482.
    410452
    411   [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fulltext.pdf SACJ04]] Dongwan Shin, Gail-Joon Ahn, Sangrae Cho, and Seunghun Jin. A Role-Based Infrastructure Management System: Design and Implementation. ''Concurr. Comput. : Pract. Exper.'', 16(11):1121--1141, September 2004.
     453  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1121-shin.pdf SACJ04]] Dongwan Shin, Gail-Joon Ahn, Sangrae Cho, and Seunghun Jin. A Role-Based Infrastructure Management System: Design and Implementation. ''Concurr. Comput. : Pract. Exper.'', 16(11):1121--1141, September 2004.
    412454
    413455  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fulltext-1.pdf SAGM05]] Karsten Sohr, Gail-Joon Ahn, Martin Gogolla, and Lars Migge. Specification and Validation of Authorisation Constraints Using UML and OCL. In Sabrina De Capitani di Vimercati, Paul F. Syverson, and Dieter Gollmann, editors, ''Computer Security, Proceedings of the 10th European Symposium on Research in Computer Security - ESORICS 2005'', volume 3679 of ''Lecture Notes in Computer Science'', pages 64--79, Berlin / Heidelberg, September 2005. Springer.
     
    415457  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p15-sohr.pdf SAM05]] Karsten Sohr, Gail-Joon Ahn, and Lars Migge. Articulating and Enforcing Authorisation Policies with UML and OCL. In ''SESS '05: Proceedings of the 2005 Workshop on Software engineering for secure systems - building trustworthy applications'', pages 1--7, New York, NY, USA, 2005. ACM Press.
    416458
     459  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00113349.pdf San88]] Ravi S. Sandhu. Transaction Control Expressions for Separation of Duties. In ''Proceedings of the Fourth Aerospace Computer Security Applications Conference'', pages 282--286, Washington, DC, USA, December 1988. IEEE Computer Society.
     460
     461  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00241422.pdf San93]] Ravi S. Sandhu. Lattice-Based Access Control Models. ''Computer'', 26(11):9--19, 1993.
     462
    417463  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sandhu96access.pdf San96a]] Ravi S. Sandhu. Access Control: The Neglected Frontier. In ''ACISP '96: Proceedings of the First Australasian Conference on Information Security and Privacy'', pages 219--227, London, UK, 1996. Springer-Verlag.
    418464
     
    453499  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/schaad03framework.pdf Sch03]] Andreas Schaad. ''A Framework for Organisational Control Principles''. PhD thesis, The University of York, July 2003. Advisor: Dr. Jonathan Moffett.
    454500
     501  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p32-siewe.pdf SCZ03]] François Siewe, Antonio Cau, and Hussein Zedan. A Compositional Framework for Access Control Policies Enforcement. In ''FMSE '03: Proceedings of the 2003 ACM workshop on Formal methods in security engineering'', pages 32--42, New York, NY, USA, 2003. ACM Press.
     502
    455503  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p332-sohr.pdf SDA05]] Karsten Sohr, Michael Drouineaud, and Gail-Joon Ahn. Formal Specification of Role-Based Security Policies for Clinical Information Systems. In ''SAC '05: Proceedings of the 2005 ACM Symposium on Applied Computing'', pages 332--339, New York, NY, USA, 2005. ACM Press.
    456504
     
    487535  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1-sandhu.pdf SP98]] Ravi S. Sandhu and Joon S. Park. Decentralized User-Role Assignment for Web-Based Intranets. In ''ACM Workshop on Role-Based Access Control'', pages 1--12, 1998.
    488536
     537  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2003_MMS_UCON.pdf SP03]] Ravi S. Sandhu and Jaehong Park. Usage Control: A Vision for Next Generation Access Control. In Vladimir Gorodetsky, Leonard J. Popyack, and Victor A. Skormin, editors, ''Proceedings of the Second International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2003'', volume 2776 of ''Lecture Notes in Computer Science'', pages 17--31. Springer, September 2003.
     538
    489539  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/researchpaper.pdf Spe04]] Bradley Spengler. Increasing Performance and Granularity in Role-Based Access Control Systems -- A Case Study in GRSECURITY. Technical report, OpenOffice.org, May 2004.
    490540
     
    509559  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/00596811.pdf SZ97]] Richard T. Simon and Mary Ellen Zurko. Separation of Duty in Role-Based Environments. In ''Proceedings of the 10th Computer Security Foundations Workshop'', pages 183--194, June 1997.
    510560
     561  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p147-sandhu.pdf SZ05]] Ravi Sandhu and Xinwen Zhang. Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In ''SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies'', pages 147--158, New York, NY, USA, 2005. ACM Press.
     562
    511563  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p29-tolone.pdf TAPH05]] William Tolone, Gail-Joon Ahn, Tanusree Pai, and Seng-Phil Hong. Access Control in Collaborative Systems. ''ACM Comput. Surv.'', 37(1):29--41, 2005.
    512564
     
    521573  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/CRPITV21ATaylor.pdf TM03]] Kerry Taylor and James Murty. Implementing Role Based Access Control for Federated Information Systems on the Web. In ''ACSW Frontiers '03: Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003'', pages 87--95, Darlinghurst, Australia, Australia, 2003. Australian Computer Society, Inc.
    522574
     575  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/i97tbac.pdf TS98]] Roshan K. Thomas and Ravi S. Sandhu. Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management. In ''Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI'', pages 166--181, London, UK, UK, 1998. Chapman & Hall, Ltd.
     576
    523577  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p3-wobber.pdf WABL94]] Edward Wobber, Martín Abadi, Michael Burrows, and Butler Lampson. Authentication in the Taos Operating System. ''ACM Trans. Comput. Syst.'', 12(1):3--32, 1994.
    524578
     
    533587  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01578944.pdf YHHL05]] Hanbing Yao, Heping Hu, Baohua Huang, and Ruixuan Li. Dynamic Role and Context-Based Access Control for Grid Applications. In ''Sixth International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2005'', pages 404--406, Los Alamitos, CA, USA, December 2005. IEEE Computer Society.
    534588
     589  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01376833.pdf YHM04]] Wataru Yamazaki, Hironori Hiraishi, and Fumio Mizoguchi. Designing an Agent-Based RBAC System for Dynamic Security Policy. In ''WETICE '04: Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises'', pages 199--204, Washington, DC, USA, 2004. IEEE Computer Society.
     590
    535591  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/01414530.pdf YS04]] Burin Yenmunkong and Chanboon Sathitwiriyawong. An Experimental Study of ERBAC03 for Access Control Administration. In ''2004 IEEE Region 10 Conference, TENCON 2004'', volume B2, pages 57--60, November 2004.
    536592
     
    541597  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/04-zhang-logic.pdf ZPPPS04]] Xinwen Zhang, Jaehong Park, Francesco Parisi-Presicce, and Ravi Sandhu. A Logical Specification for Usage Control. In ''SACMAT '04: Proceedings of the Ninth ACM symposium on Access Control Models and Technologies'', pages 1--10, New York, NY, USA, 2004. ACM Press.
    542598
     599  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p351-zhang.pdf ZPPSP05]] Xinwen Zhang, Francesco Parisi-Presicce, Ravi Sandhu, and Jaehong Park. Formal Model and Policy Specification of Usage Control. ''ACM Trans. Inf. Syst. Secur.'', 8(4):351--387, 2005.
     600
    543601  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/RBAC-1.pdf ZWCJ02]] John Zao, Hoetech Wee, Jonathan Chu, and Daniel Jackson. RBAC Schema Verification Using Lightweight Formal Model and Constraint Analysis. Technical report, MIT, 2002.
    544602