Role-Based Access Control (RBAC) has been increasingly popular due to its efficiency, flexibility, and scalability. Traditionally, RBAC is concerned with Separation of Duty (SoD) among roles and role hierarchies. However, there have been demands for extensions of RBAC as environments of RBAC systems have changed. As part of response to the demands, privacy RBAC and temporal RBAC have been propo...

As control systems become more distributed and they are implemented with smaller hardware and software components, implementing the necessary communication links becomes challenging. There are considerable technical difficulties in guaranteeing upper bounds for latencies in motion or machine control, synchronizing the execution and communication of distributed components, taking corrective acti...

Ambient assisted living is a new interdisciplinary field aiming at supporting senior citizens in their home by means of embedded technologies. This domain offer an interesting challenge for providing dependability and security in a privacy-respecting way: in order to provide services in an emergency we cannot monitor on a second-by-second base a senior citizen. Beside being immoral, it would be...

Pervasive computing applications use the knowledge of the environment to provide better services and functionality to the end user. Access control for such applications needs to use contextual information. Towards this end, we proposed an access control model based on RBAC that uses the environmental contexts time and location to determine whether a user can get access to some resource. The mod...

Information federations promise an enhanced collaboration between individual stakeholders in the life cycle of commercial products, including software and hardware products from arbitrary business sectors. However, information sharing across corporate borders must be controlled by tailored mechanisms for enforcing individual business confidentiality and integrity requirements. One influential c...

Even though the final objective of an access control model is to provide a framework to decide if actions performed by subjects on objects are permitted or not, it is not convenient to directly specify an access control policy using concepts of subjects, objects and actions. This is why the Role Based Access Control (RBAC) model suggests using the concept of role as a more abstract concept than...

We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the system’s architecture. We apply this new approach to policies restricting calls to methods in Java applications. We present a language to express RBAC polic...

One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current RBAC model is a security mechanism to implement access control in organizations by allowing users to be assigned to roles and privileges to be ass...

This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: simplified policy management and support for heterogeneous, distributed systems. We discuss our strategy for modeling workflow in Napoleon, and we pre...

Though RBAC has been researched for many years as a current dominant access control technology, there are few researches to be done to address the further extension of the role which is the fundamental entity of RBAC. This paper tries to extend the role to a further level, the role attributes. Through the attributes, the function and operation on the role can be enhanced and extended. Through t...