TZI Literaturverzeichnis

WIKINDX Resources

Journal Article: BibTeX citation key:  Mustafa{2008}a
T. Mustafa, K. Sohr, D.-H. Dang, M. Drouineaud and S. Kowski, "Implementing Advanced RBAC Administration Functionality with USE", Electronic Communications of the EASST,, vol. 15, 2008.
Added by: Mirco Kuhlmann 2010-12-15 15:54:45    Last edited by: Karsten Sohr 2010-12-15 18:48:19
Categories: AG-Gogolla, SQuIS
Creators: Dang, Drouineaud, Kowski, Mustafa, Sohr
Collection: {Electronic Communications of the EASST,}

Peer reviewed
Number of views:  540
Popularity index:  23.41%

{Role-based access control (RBAC) is a powerful means for laying out and developing higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that express such organizational policies. While RBAC has generated a great interest in the security community, organizations still seek a flexible and effective approach to impose role-based authorization constraints in their security-critical applications. In particular, today often only basic RBAC concepts have found their way into commercial RBAC products; specifically, authorization constraints are not widely supported. In this paper, we present an RBAC administration tool that can enforce certain kinds of role-based authorization constraints such as separation of duty constraints. The authorization constraint functionality is based upon the OCL validation tool USE. We also describe our practical experience that we gained on integrating OCL functionality into a prototype of an RBAC administration tool that shall be extended to a product in the future.}
Added by: Mirco Kuhlmann    Last edited by: Karsten Sohr

{MoDELS Workshop on OCL~(OCL Concepts and Tools 2008), 19 Pages}
Added by: Mirco Kuhlmann    Last edited by: Karsten Sohr

wikindx      |     Total Resources:  3135     |     Database queries:  36     |     Script execution:  0.48435 secs