GENERALIZATION AND ENFORCEMENT OF ROLE-BASED ACCESS CONTROL USING A NOVEL EVENT-BASED APPROACH

Attribute-based Access Control (ABAC) was recently proposed as a general model which is able to capture the main existing access control models. This paper discusses the problems of configuring ABAC and engineering access policies. We question how to design attributes, how to assign attributes to subjects, objects, actions, and how to formulate access policies which bind subjects to objects and...

The United Kingdom National Health Service strategy is to have a full electronic health records service available nationally by 2008. Secure, scalable, access control infrastructure will be critical to the success of such an initiative. To this end, a prototype for such a service, built over the OASIS role-based access control architecture is presented. How the implementation achieves scalabili...

Administrative role-based access control (ARBAC) is the first comprehensive administrative model proposed for role-based access control (RBAC). ARBAC has several features for designing highly expressive policies, but current work has not highlighted the utility of these expressive policies. In this report, we present a case study of designing an ARBAC policy for a bank comprising 18 branches. U...

Institutional collaborative systems focus on providing the fast, and secure connections to students, teaching and non-teaching staff members. Access control is more important in these types of systems because different kind of users access the system on different levels. So a proper architecture must be there for these kinds of systems, for providing an efficient and secure system. As lot of wo...

Access control to resources is one of the most important technologies for supporting human activities in the digital space. To realize the control two schemes were proposed: RBAC (Role-Based Access Control) and TRBAC (Temporal Role-Based Access Control) by adding time constraints and role dependencies to RBAC. However, these methods are not effective for temporal activities such as visitor acce...