Entry Ferraiolo:1999:RBA from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Ferraiolo:1999:RBA,
  author =       "David F. Ferraiolo and John F. Barkley and D. Richard
                 Kuhn",
  title =        "A role-based access control model and reference
                 implementation within a corporate intranet",
  journal =      j-TISSEC,
  volume =       "2",
  number =       "1",
  pages =        "34--64",
  month =        feb,
  year =         "1999",
  CODEN =        "ATISBQ",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Tue Jul 27 17:35:45 MDT 1999",
  bibsource =    "http://www.acm.org/tissec/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  URL =          "http://www.acm.org:80/pubs/citations/journals/tissec/1999-2-1/p34-ferraiolo/",
  abstract =     "This paper describes NIST's enhanced RBAC model and
                 our approach to designing and implementing RBAC
                 features for networked Web servers. The RBAC model
                 formalized in this paper is based on the properties
                 that were first described in Ferraiolo and Kuhn [1992]
                 and Ferraiolo et al. [1995], with adjustments resulting
                 from experience gained by prototype implementations,
                 market analysis, and observations made by Jansen [1988]
                 and Hoffman [1996]. The implementation of RBAC for the
                 Web (RBAC/Web) provides an alternative to the
                 conventional means of administering and enforcing
                 authorization policy on a server-by-server basis.
                 RBAC/Web provides administrators with a means of
                 managing authorization data at the enterprise level, in
                 a manner consistent with the current set of laws,
                 regulations, and practices.",
  acknowledgement = ack-nhfb,
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "security; standardization",
  subject =      "{\bf C.2.4} Computer Systems Organization,
                 COMPUTER-COMMUNICATION NETWORKS, Distributed Systems.
                 {\bf C.2.5} Computer Systems Organization,
                 COMPUTER-COMMUNICATION NETWORKS, Local and Wide-Area
                 Networks. {\bf D.4.6} Software, OPERATING SYSTEMS,
                 Security and Protection, Access controls. {\bf D.4.7}
                 Software, OPERATING SYSTEMS, Organization and Design,
                 Distributed systems.",
}

Related entries

administering, 13(3)20
administrator, 2(2)177, 11(2)2, 11(3)16, 13(1)10, 14(1)2
al., 2(1)3, 9(2)181, 9(4)461, 10(2)6, 10(4)5, 11(3)14, 13(4)37, 14(3)27, 15(3)11, 16(3)10, 18(3)10
alternative, 2(1)3, 2(3)295, 10(4)3, 12(3)16, 15(2)10, 15(4)15, 17(2)8, 17(4)14, 18(4)13
analysis, 1(1)66, 2(2)138, 2(3)230, 2(3)332, 4(1)1, 6(4)443, 7(2)175, 7(4)489, 8(3)312, 9(3)292, 9(4)391, 10(1)2, 10(3)9, 10(3)10, 10(3)11, 10(4)2, 10(4)6, 11(2)3, 11(3)13, 11(3)15, 11(4)17, 11(4)18, 11(4)23, 12(1)4, 12(2)10, 12(3)16, 13(1)10, 13(3)25, 13(3)26, 13(3)27, 13(4)41, 14(1)6, 14(1)8, 14(1)13, 14(2)15, 14(4)28, 15(3)14, 15(4)17, 15(4)18, 16(1)2, 16(1)4, 16(2)8, 16(3)10, 16(3)11, 16(4)14, 16(4)17, 17(1)1, 17(1)4, 17(2)7, 17(3)9, 17(4)14, 18(1)1, 18(1)4, 18(2)6
approach, 1(1)3, 1(1)26, 2(2)138, 2(3)269, 2(3)295, 5(2)119, 5(3)203, 6(1)128, 7(3)392, 9(4)391, 9(4)421, 10(1)2, 10(1)4, 10(3)11, 10(3)12, 10(4)4, 11(1)3, 11(3)15, 11(3)16, 11(4)17, 11(4)19, 12(1)1, 12(1)4, 12(2)11, 12(3)14, 13(3)20, 13(3)24, 13(4)31, 13(4)35, 13(4)36, 14(1)8, 14(3)23, 14(4)29, 15(1)4, 15(3)12, 15(3)13, 15(4)15, 15(4)17, 15(4)18, 16(2)5, 16(2)7, 16(2)8, 16(4)15, 16(4)16, 17(3)12, 17(4)14, 18(2)5, 18(2)7, 18(3)11
Area, Wide-, 2(3)269
authorization, 1(1)26, 2(1)65, 2(1)105, 2(2)177, 3(4)207, 4(4)453, 5(1)62, 6(1)128, 6(4)566, 7(2)175, 7(3)363, 10(4)2, 11(1)2, 11(1)3, 11(1)4, 12(1)6, 12(2)8, 12(3)15, 13(3)20, 13(3)25, 13(4)40, 14(1)3, 14(1)8, 14(3)23, 15(3)13, 17(2)5
based, 1(1)3, 2(2)177, 2(3)230, 2(3)295, 2(3)332, 3(3)161, 7(2)319, 9(2)162, 9(2)181, 9(4)421, 10(1)2, 10(1)4, 10(2)6, 11(1)3, 11(2)1, 11(2)4, 11(3)12, 11(3)15, 11(4)17, 11(4)18, 12(1)1, 12(1)4, 12(2)13, 12(3)16, 12(3)17, 12(3)18, 13(3)24, 13(3)27, 13(3)28, 13(4)29, 13(4)30, 13(4)31, 13(4)41, 14(1)3, 14(1)4, 14(1)8, 14(1)9, 14(1)10, 14(4)30, 15(2)6, 15(2)7, 15(3)13, 16(2)8, 16(4)16, 17(1)3, 17(2)7, 17(3)12, 17(4)13, 17(4)14, 17(4)15, 17(4)16, 18(1)1, 18(1)4, 18(3)10, 18(3)11, 18(4)14
based, role-, 2(1)3, 2(1)65, 2(1)105, 2(2)177, 4(3)224, 5(4)492, 6(2)201, 6(3)404, 9(4)391, 10(2)5, 10(2)7, 10(4)2, 12(3)15, 13(3)24, 13(3)27, 13(3)28, 15(3)13, 15(4)15
basis, 2(3)295, 10(4)2, 11(4)20, 11(4)22, 12(1)2, 13(3)27, 14(1)8, 16(4)14
C.2.4, 2(1)105, 2(2)159
C.2.5, 2(3)269
COMMUNICATION, COMPUTER-, 1(1)66, 2(1)105
computer, 1(1)66, 2(1)105, 2(2)159, 2(3)230, 2(3)269, 2(3)332, 2(4)354, 2(4)416, 10(2)5, 11(4)20, 12(2)7, 13(2)11, 15(1)1, 15(2)9, 16(2)5, 17(2)6
COMPUTER-COMMUNICATION, 1(1)66, 2(1)105
consistent, 12(2)8, 13(3)25, 14(1)2, 14(4)32, 15(4)17
conventional, 10(1)2, 10(1)3, 15(4)18
corporate, 2(4)390
current, 2(1)65, 2(2)177, 2(4)390, 11(4)18, 11(4)20, 11(4)22, 12(2)8, 12(2)10, 13(3)20, 13(4)35, 15(3)12, 16(3)10, 16(4)13, 16(4)16, 17(1)1, 17(1)2, 17(2)6, 17(3)9
D.4.6, 1(1)3, 2(1)3, 2(1)105, 2(2)138, 2(2)177, 2(3)295, 2(4)354
D.4.7, 2(1)105
describe, 1(1)66, 2(1)3, 2(1)105, 2(2)159, 2(2)177, 2(3)230, 2(4)354, 2(4)390, 7(2)319, 10(4)3, 11(4)21, 12(1)1, 12(2)11, 12(3)16, 12(4)21, 13(4)30, 13(4)34, 14(3)24, 14(3)27, 15(3)11, 15(3)13, 16(3)10, 16(3)12, 16(4)14, 17(2)5, 18(2)8
described, 1(1)3, 2(1)105, 9(2)181, 12(1)1, 13(4)33, 18(2)6
design, 1(1)66, 2(1)105, 2(2)138, 2(3)269, 2(4)390, 2(4)416, 10(2)7, 10(3)11, 10(4)1, 11(1)2, 11(2)1, 11(4)18, 11(4)23, 12(1)3, 12(2)8, 12(2)11, 12(3)17, 12(4)20, 12(4)22, 13(1)10, 13(4)29, 13(4)32, 14(1)8, 14(3)24, 15(3)13, 16(2)5, 16(2)6, 16(2)8, 16(4)16, 17(1)4, 17(2)7, 17(2)8, 17(4)13, 18(1)1, 18(1)3, 18(4)12
designing, 10(4)6, 16(4)15, 18(4)13
distributed, 2(1)105, 2(2)159, 2(3)332, 4(2)103, 4(4)407, 6(1)128, 8(1)41, 9(1)1, 9(4)421, 10(2)7, 11(1)3, 11(1)4, 11(2)1, 11(3)14, 12(1)1, 12(1)2, 12(2)8, 12(2)12, 13(2)16, 13(3)25, 14(1)3, 14(1)12, 14(3)27, 14(4)31, 15(2)6, 15(3)13, 16(4)14, 16(4)15, 17(4)13, 18(1)2, 18(2)6
enforcing, 1(1)26, 10(2)5, 12(2)8, 13(1)6, 13(3)21, 14(3)25, 14(4)31, 16(1)1, 17(1)3
enhanced, 10(1)2, 11(4)22, 14(3)24, 14(4)29, 15(2)7
enterprise, 2(3)269, 11(1)4, 13(4)31, 14(1)3, 15(3)13, 15(4)15, 15(4)18, 17(3)11
et, 2(1)3, 9(2)181, 9(4)461, 10(2)6, 10(4)5, 11(3)14, 13(4)37, 14(3)27, 15(3)11, 16(3)10, 18(3)10
experience, 11(1)2, 14(4)32, 17(3)9, 17(4)14, 18(1)3
feature, 2(2)177, 2(3)295, 3(4)227, 10(1)2, 10(3)12, 11(4)22, 13(3)24, 13(4)32, 13(4)35, 13(4)41, 16(2)5, 16(2)7, 16(4)13, 16(4)14, 17(3)10, 17(4)16, 18(2)5, 18(3)11
Ferraiolo, David F., 4(3)224
first, 2(1)105, 2(4)354, 9(2)181, 10(4)6, 11(2)3, 11(2)4, 11(3)13, 11(4)18, 11(4)22, 12(1)3, 12(1)5, 12(3)18, 12(4)22, 13(4)31, 13(4)32, 14(1)13, 14(3)25, 14(4)30, 14(4)31, 15(4)17, 15(4)18, 16(3)10, 17(1)4, 17(2)6, 17(3)11, 18(1)4, 18(3)9, 18(4)12, 18(4)13
formalized, 9(2)138, 17(1)3
gained, 2(1)65, 10(2)6, 10(4)4
implementation, 1(1)3, 1(1)26, 1(1)66, 2(2)177, 2(4)390, 2(4)416, 7(2)319, 11(1)2, 11(1)3, 11(1)4, 11(3)16, 11(4)18, 11(4)22, 12(1)1, 12(2)10, 12(2)11, 12(3)14, 12(4)22, 13(1)4, 13(3)26, 13(3)27, 14(1)3, 15(1)3, 15(2)8, 15(3)13, 15(4)16, 16(1)1, 16(1)2, 16(3)9, 16(3)10, 16(3)11, 16(4)13, 17(2)5, 17(2)8, 18(1)2, 18(1)3, 18(1)4
implementing, 2(1)3, 13(3)27, 17(4)16
intranet, 2(4)390
Kuhn, D. Richard, 4(3)224
laws, 17(4)13
level, 2(3)269, 2(3)332, 10(1)2, 10(1)4, 11(4)18, 12(1)4, 12(2)8, 12(4)22, 15(2)7, 15(3)12
local, 2(3)269, 11(2)2, 12(1)4, 12(3)17, 14(3)25, 14(4)31, 18(2)6, 18(2)8, 18(4)12
made, 1(1)3, 2(1)105, 12(3)14, 13(4)37, 15(2)10, 18(2)7
manner, 12(2)13, 12(3)14, 14(1)7, 14(3)25, 15(2)10, 18(3)11
market, 17(1)1, 17(4)14
mean, 1(1)26, 2(3)230, 10(3)10, 11(2)2, 12(4)22, 14(1)5, 14(3)27, 15(3)12, 16(2)8, 18(4)14
networked, 12(2)8
NETWORKS, 1(1)66, 2(1)105
NIST, 4(3)224
observation, 2(3)295, 11(2)4, 12(1)4, 13(1)10, 18(1)4
OPERATING, 1(1)3, 2(1)3, 2(1)105
organization, 1(1)66, 2(1)65, 2(1)105, 2(2)159, 2(3)230, 2(3)269, 2(3)332, 2(4)416, 9(2)113, 9(4)391, 10(4)2, 11(1)3, 12(3)15, 14(3)23, 14(3)25
paper, 1(1)66, 1(1)93, 2(1)105, 2(2)138, 2(2)177, 2(3)269, 2(4)390, 7(2)319, 9(2)162, 9(2)181, 9(4)421, 10(1)2, 10(1)4, 10(2)5, 10(2)7, 10(3)9, 10(3)10, 10(3)11, 10(3)12, 10(4)2, 10(4)4, 11(1)2, 11(2)1, 11(2)6, 12(2)12, 14(4)28, 14(4)32
practice, 2(1)65, 11(2)3, 11(3)16, 11(4)17, 12(2)8, 12(3)16, 13(4)34, 14(4)31, 16(2)8, 17(2)6, 17(3)10, 17(4)15
property, 1(1)66, 1(1)93, 2(2)177, 9(4)391, 10(1)2, 10(2)7, 10(2)8, 10(3)9, 11(1)2, 11(3)12, 11(3)13, 12(1)2, 12(1)3, 12(2)8, 12(2)9, 12(3)14, 12(3)18, 12(3)19, 12(4)21, 13(3)26, 13(4)41, 14(2)16, 15(1)4, 15(2)9, 15(2)10, 15(3)14, 15(4)18, 16(1)3, 16(2)5, 17(1)3, 17(1)4, 18(1)3, 18(2)6, 18(2)8, 18(4)12
protection, 1(1)3, 1(1)26, 1(1)66, 1(1)93, 2(1)3, 2(1)105, 2(2)138, 2(2)177, 2(3)230, 2(3)295, 2(4)354, 2(4)390, 10(1)3, 10(3)9, 11(4)20, 12(2)9, 12(2)11, 13(3)22, 14(3)24, 15(1)2, 15(2)8, 16(2)6
prototype, 1(1)3, 10(1)4, 10(4)4, 11(1)2, 11(1)3, 11(4)18, 12(1)4, 12(2)13, 13(4)30, 14(1)3, 16(1)1, 16(2)6, 17(2)5
provide, 1(1)3, 1(1)93, 2(1)3, 2(1)65, 2(1)105, 2(3)230, 2(4)390, 7(2)319, 10(1)3, 10(2)8, 10(3)10, 10(4)2, 10(4)6, 11(1)3, 11(1)4, 11(2)2, 11(3)12, 11(3)13, 11(4)17, 11(4)20, 11(4)23, 12(1)2, 12(1)3, 12(2)8, 12(2)9, 12(3)14, 12(3)15, 12(3)16, 12(4)22, 13(3)22, 13(3)24, 13(4)31, 13(4)34, 13(4)38, 13(4)41, 14(1)4, 14(1)7, 14(1)8, 14(3)25, 14(4)28, 15(2)6, 15(2)10, 15(4)17, 15(4)18, 16(1)3, 16(2)5, 16(3)9, 16(3)11, 16(4)17, 17(2)5, 17(3)11, 17(3)12, 17(4)16, 18(1)1, 18(1)2, 18(2)5, 18(2)7, 18(4)13, 18(4)14
RBAC, 2(1)105, 5(3)332, 7(3)392, 9(4)391, 10(1)2, 10(2)5, 12(1)1, 13(3)24, 13(3)27, 13(4)36, 14(1)3, 15(4)15, 15(4)18, 16(2)5
reference, 2(1)3, 9(2)181, 13(3)26, 16(1)4, 18(1)4
regulations, 13(3)22
resulting, 10(1)2, 10(4)2, 11(4)20, 15(1)4, 15(1)5, 15(2)10, 15(3)13, 15(4)15, 16(3)10, 16(4)17, 17(2)7
role-based, 2(1)3, 2(1)65, 2(1)105, 2(2)177, 3(4)207, 4(1)37, 4(3)191, 4(3)224, 5(4)492, 6(2)201, 6(3)404, 9(4)391, 10(2)5, 10(2)7, 10(4)2, 12(1)1, 12(3)15, 13(3)24, 13(3)27, 13(3)28, 15(3)13, 15(4)15
server, 1(1)66, 2(3)230, 2(4)390, 10(4)4, 11(2)2, 11(2)5, 11(3)14, 12(2)10, 12(3)14, 12(3)16, 12(3)17, 12(4)21, 14(1)3, 14(1)12, 14(4)29, 16(4)13, 16(4)15, 17(2)5, 17(4)15, 18(1)1
set, 2(2)138, 2(4)390, 8(1)3, 9(4)421, 10(2)5, 10(3)12, 10(4)2, 10(4)3, 10(4)5, 11(2)1, 11(2)3, 11(3)13, 11(4)18, 11(4)21, 12(2)11, 12(3)18, 12(3)19, 12(4)20, 12(4)21, 13(1)9, 13(1)10, 13(3)27, 13(4)40, 14(1)12, 14(3)25, 14(4)31, 15(1)2, 15(2)7, 15(2)10, 15(3)13, 15(4)15, 16(1)4, 17(1)2, 17(2)8, 17(3)11, 17(4)13, 17(4)14, 18(1)4, 18(3)10, 18(3)11
software, 1(1)3, 2(1)3, 2(1)105, 2(2)138, 2(2)177, 2(3)295, 2(4)354, 3(1)51, 11(1)2, 12(2)11, 12(2)12, 12(3)14, 12(3)19, 14(1)8, 14(3)24, 14(4)32, 15(2)8, 17(1)1, 17(3)11
standardization, 13(3)28
SYSTEMS, 1(1)3, 2(1)3, 2(1)105
web, 1(1)66, 2(4)390, 4(1)37, 10(2)8, 10(3)12, 11(1)4, 11(2)3, 11(3)15, 12(2)12, 12(3)17, 13(4)39, 14(2)21, 14(3)26, 16(4)13, 16(4)14, 16(4)16, 18(1)1
were, 2(1)105, 10(1)4, 12(3)14, 13(3)25, 13(4)38, 15(3)12, 16(2)8, 16(3)9, 16(3)10, 18(3)9
Wide-Area, 2(3)269