1 I N T R O D U C T I O N Role-based access control (RBAC) has recently received considerable attention as a promising alternative to traditional discretionary and mandatory access controls (see, for example, [FK92, SCY96, SCFY96]). In RBAC permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. This greatly simplifies man...

Information privacy is usually concerned with the confidentiality of personal identifiable information (PII) and protected health information (PHI) such as electronic medical records. Thus, the information access control mechanism for e-Healthcare services must be embedded with privacy-enhancing technologies. Role-based Access Control (RBAC) model has been widely investigating and applying into...

We demonstrate how access control models and policies can be represented by using term rewriting systems, and how rewriting may be used for evaluating access requests and for proving properties of an access control policy. We focus on two kinds of access control models: discretionary models, based on access control lists (ACLs), and rolebased access control (RBAC) models. For RBAC models, we sh...

Role-Based Access Control (RBAC) is a method to manage and control a host in a distributed manner by applying the rules to the users on a host. This paper proposes a rule based intrusion protection system based on RBAC. It admits or rejects users to access the network resources by applying the rules to the users on a network. Proposed network intrusion protection system has been designed and im...

The collaboration among different organizations is considered one of the main benefits moving applications and services to a cloud computing environment. Unfortunately, this raises many challenges such as access sensitive resources by unauthorized people. Usually, role based access-control (RBAC) Model deployed in large organizations. work paper mainly considering authorization scalability prob...

Knowledge Management System (KMS) is a tool to support knowledge management (KM) and nowadays it has been a priority to the organizations as to protect the organization intellectual assets. The evolution of internet has brought KMS becomes more powerful while it can serve users in collaborative system. However, though the excitement of expanding KMS capabilities, security issue is critical due ...

Access control plays an important part in IT systems these days. Specifically Role-Based Access Control (RBAC) has been widely adopted in practice. One of the major challenges within the introduction of RBAC into an organization is the policy definition. Modeling technologies provide support by allowing to design and to validate a policy. In this work we apply a UML and OCL based domain-specifi...

(ABAC) mechanisms are gaining in popularity while the role-based access control (RBAC) mechanism is widely accepted as a general mechanism for authorization management. This paper proposes a new access control model, CRBAC, which aims to combine the advantages of RBAC and ABAC, and integrates all kinds of constraints into the RBAC model. Unlike other work in this area, which only incorporates o...

Workflow systems play an essential role in today’s enterprises by providing automatic manipulation of business processes. As an integral part of workflow systems, workflow security has received extensive attentions, within which role-based access control (RBAC) mechanism and separation of duty (SoD) constraints are important topics. RBAC is a natural mechanism to lighten the complexity of secur...

Role-based access control (RBAC) models are becoming a de facto standard, greatly simplifying management and administration tasks. Organizational constraints were introduced (e.g.: mutually exclusive roles, cardinality, prerequisite roles) to reflect peculiarities of organizations. Thus, the number of rules is increasing and policies are becoming more and more complex: understanding and analyzi...