Context Navigation

RbacResources

Timestamp:: Sep 20, 2006, 5:53:22 PM (18 years ago)
Author:: hedinger
Comment:: —

Legend:

: Unmodified
: Added
: Removed
: Modified

Internal/Rbac/RbacResources

v55	v56
5	5	There is a book that covers the background and most technical aspects of RBAC: [[http://www.amazon.com/gp/product/1580533701/ Role-Based Access Control]], David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli, Artech House, Inc., Norwood, MA, USA, 2003.
6	6
7		Role Based Access Control (RBAC) is an American Standard: [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ANSI+INCITS+359-2004.pdf American National Standard for Information Technology - Role Based Access Control]], American National Standards Institute Inc, ANSI INCITS 359-2004, February 2004; see also its [[http://xml.coverpages.org/RBAC-ANSI.html announcement]]. There is an on-going effort to standardize aspects of its implementation too [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/draft-rbac-implementation-std-v01.pdf Tec06]] and [[http://www.incits.org/tc_home/cs1.htm INCITS CS1 site]]. There is also some discussion of changes to the standard [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/aboutRBACStandard.pdf LBB06]] and a forthcoming reply [[http://csrc.nist.gov/staff/kuhn/rkhome.html Kuh06 under External publications]].
	7	Role Based Access Control (RBAC) is an American Standard: [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ANSI+INCITS+359-2004.pdf American National Standard for Information Technology - Role Based Access Control]], American National Standards Institute Inc, ANSI INCITS 359-2004, February 2004; see also its [[http://xml.coverpages.org/RBAC-ANSI.html announcement]]. There is an on-going effort to standardize aspects of its implementation too [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/draft-rbac-implementation-std-v01.pdf Tec06]] and [[http://www.incits.org/tc_home/cs1.htm INCITS CS1 site]]. There is also some discussion of problems with the standards API's [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/xacmlmsg36.pdf And04]] and of changes to the standard [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/aboutRBACStandard.pdf LBB06]] and a forthcoming reply [[http://csrc.nist.gov/staff/kuhn/rkhome.html Kuh06 under External publications]].
8	8
9	9	The RBAC standard uses the Z Formal Specification Notation to specify the actions of RBAC methods. It is an International Standard: [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/c021573_ISO_IEC_13568_2002E.pdf Information Technology - Z Formal Specification Notation - Syntax, Type System and Semantics]], ISO/IEC International Standard 13568:2002(E), July 2002. An important Z reference: [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/zrm.pdf The Z Notation: A Reference Manual, Second Edition]], J. M. Spivey, Oriel College, Oxford, UK, 1998.