Boston : , : Artech House, , ©2003

[Piscataqay, New Jersey] : , : IEEE Xplore, , [2003]

1-58053-324-8

1 online resource (336 p.)

Artech House computer security series

KuhnD. Richard

ChandramouliRamaswamy

005.8

Computers - Access control

Computer security

Computer networks - Access control

Inglese

Description based upon print version of record.

Includes bibliographical references and index.

Role-Based Access Control; Contents vii; Preface xv; Acknowledgements xvii; Chapter 1 Introduction 1; Chapter 2 Access Control Policy, Models, and Mechanisms--Concepts and Examples 27; Chapter 3 Core RBAC Features 51; Chapter 4 Role Hierachies 67; Chapter 5 SoD and Constraints in RBAC Systems 91; Chapter 6 RBAC, MAC, and DAC 121; Chapter 7 NIST's Proposed RBAC Standard 141; Chapter 8 Role-Based Administration of RBAC 155; Chapter 9 Enterprise Access Control Framework Using RBAC and XML Technologies 179; Chapter 10 Integrating RBAC with Enterprise IT Infrastructures 211

Chapter 11 Migrating to RBAC--Case Study: Multiline Insurance Company 255Chapter 12 RBAC Features in Commercial Products 265; References 293; Appendix A 295; Appendix B 299; About the authors 303; Index 305

Role-based access control (RBAC) is a security mechanism that can greatly lower the cost and complexity of security administration for large networked applications. RBAC simplifies security administration by using roles, hierarchies, and constraints to organize privileges. This book explains these components of RBAC, as well as how to support

and administer RBAC in a networked environment and how to integrate it with existing infrastructure.