Context Navigation

Changes between Version 101 and Version 102 of Old/SolarisRbac

Timestamp:: Aug 23, 2006, 8:38:27 PM (18 years ago)
Author:: hedinger
Comment:: —

Legend:

: Unmodified
: Added
: Removed
: Modified

Old/SolarisRbac

-              v101
+              v102
 Sawib Ali's e-mail [http://seclists.org/webappsec/2005/q3/0254.html FYI: RBAC for WebApps using LDAP]
 == RBAC Resources ==
 There is an extensive RBAC book that also employs formal methods:  [[http://www.amazon.com/gp/product/1580533701/102-0938547-5630513?v=glance&n=283155 Role-Based Access Control]], David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli, Artech House, Inc., Norwood, MA, USA, 2003.
+There is an extensive RBAC book:  [[http://www.amazon.com/gp/product/1580533701/102-0938547-5630513?v=glance&n=283155 Role-Based Access Control]], David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli, Artech House, Inc., Norwood, MA, USA, 2003.
 The National Institue of Standards and Technology maintains an extensive RBAC web site  [[http://csrc.nist.gov/rbac/  Role Based Access Control]] edited by David Ferraiolo, Rick Kuhn, Ramaswamy Chandramouli, and John Barkley.
+The National Institue of Standards and Technology maintains a comprehensive RBAC web site  [[http://csrc.nist.gov/rbac/  Role Based Access Control]] edited by David Ferraiolo, Rick Kuhn, Ramaswamy Chandramouli, and John Barkley.  This site includes sections on RBAC Standards, RBAC Design and Implementation, Downloadable RBAC Software, and NIST RBAC Patents.
 Role Based Access Control (RBAC) is now an American Standard:    [[ftp://orbit-lab.org/internal3/ANSI+INCITS+359-2004.pdf American National Standard for Information Technology - Role Based Access Control]] , American National Standards Institute Inc, ANSI INCITS 359-2004, February 2004.
+Role Based Access Control (RBAC) is an American Standard:    [[ftp://orbit-lab.org/internal3/ANSI+INCITS+359-2004.pdf American National Standard for Information Technology - Role Based Access Control]] , American National Standards Institute Inc, ANSI INCITS 359-2004, February 2004.
 The RBAC standard uses the Z Formal Specification Notation that is an International Standard:  [[ftp://orbit-lab.org/internal3/c021573_ISO_IEC_13568_2002E.pdf Information Technology - Z Formal Specification Notation - Syntax, Type System and Semantics]], ISO/IEC International Standard 13568:2002(E), July 2002.  An important Z reference:  [[ftp://orbit-lab.org/internal3/zrm.pdf The Z Notation: A Reference Manual, Second Edition]], J. M. Spivey, Oriel College, Oxford, UK, 1998.