Role-based access control (RBAC) and attribute-based access control (ABAC) are currently the most prominent access control models. However, they both suffer from limitations and have features complimentary to each other. Due to this fact, integration of RBAC and ABAC has become a hot area of research recently. We propose an access control model that combines the two models in a novel way in ord...

Among access control models, Role-Based Access Control (RBAC) is very useful and is used in many computer systems. Static Combination of Duty (SCD) and Dynamic Combination of Duty (DCD) constraints have been introduced recently for this model to handle dependent roles. These roles must be used together and can be considered as a contrary point of conflicting roles. In this paper, we propose sev...

This paper describes a simplified and corrected specification of role-based access control (RBAC) based on the specification in the ANSI standard for RBAC. The simplifications and corrections were made while following a systematic method for deriving efficient implementations from straightforward implementations of clear specifications. The method allows specifications to be written clearly wit...

A temporarily-spatially constrained model based on TRBAC (Task-Role Based Access Control) is proposed in workflow system. Temporary and spatial Constraint is that user is not only constrained by temporality, but also constrained by spatiality when user executes the task. The model suggests that a property of security level should be increased in task. The newly increased property can make the w...

The secure interaction between two or more administrative domains is a major concern. We examine the issues of secure interoperability between two security domains operating under the Role Based Access Control (RBAC) Model. We propose a model that quickly establishes a exible policy for dynamic role translation. The role hierarchies of the local and foreign domains can be manipulated through ou...

This paper describes a corrected and simplified specification of role-based access control (RBAC) based on the specification in the ANSI standard for RBAC. We give a complete specification of core RBAC, explaining the methodology we used in developing it; we then give a complete specification of hierarchical RBAC, with an additional option for managing the relationship on roles; and we also des...

2 Abstract Role-based access control (RBAC) is a promising alternative to traditional discretionary and mandatory access controls. In RBAC permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. In this paper we formally show that lattice-based mandatory access controls can be enforced by appropriate connguration of RBAC c...

Since its formalization RBAC has become the yardstick for the evaluation of access control formalisms. In order to meet organizational needs, it has been extended along several directions: delegation, separation of duty, history-based access control, etc. We propose in this paper an access control language in which RBAC and all the above-listed extensions can be encoded. In contrast with Cassan...