We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the system’s architecture. We apply this new approach to policies restricting calls to methods in Java applications. We present a language to express RBAC polic...

Many initiatives exist that integrate e-health systems on a large scale. One of the main technical challenges is access control, although several frameworks and solutions, like XACML, are becoming standard practice. Data is no longer shared within one affinity domain but becomes ubiquitous, which results in a loss of control. As patients will be less willing to participate without additional co...

This paper presents a modelling and simulation framework for analysing Access Control List (ACL) implementation on Internet devices. It uses the established modelling/simulation techniques of abstraction and simplification to isolate the essential components of the system from peripheral issues. As a case study, the viability of a simple real-time optimisation technique is demonstrated.

One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current RBAC model is a security mechanism to implement access control in organizations by allowing users to be assigned to roles and privileges to be ass...

This memo outlines high-level requirements for the integration of flexible Mandatory Access Control (MAC) functionality into the Network File System (NFS) version 4.2 (NFSv4.2). It describes the level of protections that should be provided over protocol components and the basic structure of the proposed system. The intent here is not to present the protocol changes but to describe the environme...

This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: simplified policy management and support for heterogeneous, distributed systems. We discuss our strategy for modeling workflow in Napoleon, and we pre...

Though RBAC has been researched for many years as a current dominant access control technology, there are few researches to be done to address the further extension of the role which is the fundamental entity of RBAC. This paper tries to extend the role to a further level, the role attributes. Through the attributes, the function and operation on the role can be enhanced and extended. Through t...

Tourism is seen as an industry that has the potential to provide sustainable economic foundations for indigenous communities in Australia. This article identifies online technology as contributing to the capacity for indigenous communities to access the benefits of tourism. Indigenous communities engaged in tourism can utilize the Internet to supply the tourism product as well as deliver much n...

There have been many security solutions to secure representation in the work flow used in business processes and Grid Networks. Most of these solutions try to provide maximum security in workflow processes and most of them are used Role-Based Access Control model (RBAC). Capability Role-Base Access Control (CRBAC) is one of the models that are used to model RBAC which in this paper, we introduc...

Anonymising proxies are a growing problem for organisations as more people become aware of their capabilities. These proxy sites enable users to bypass the network’s filtering system leaving the network open to banned content and harmful threats. Network administrators do try to block these online proxy sites, but with a growing number of new sites created, this task is not a trivial one. Many ...