Add to ORKGIn this paper we define formally a wide variety of separation-of-duty (SoD) properties, which include the best known to date, and establish their relationships within a formal model of role-based access control (RBAC). The formalism helps remove all ambiguities of informal definition, and offers a wide choice of implementation strategies. We also explore the composability of SoD properties and policies under a simple criterion. We conclude that practical implementation for SoD policies requires new methods and tools for security administration even within applications that already support RBAC, such as most database management systems.
AbstractANSI RBAC is a standard for a consistent and uniform definition on Role Based Access Control...
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies ...
In operating systems, privilege is used to control the most important resources and functions, so ad...
Separation of Duty (SOD) is a fundamental principle in security systems and has a long history in co...
Separation of duty is an important constraint in role-based access control model and is used to reso...
Role based access control (RBAC) is attracting increasing attention as a security mechanism for both...
Separation of duty is an important constraint in role-based access control model and is used to reso...
Separation of Duty (SoD) is widely recognized to be a fundamental principle in computer security. A ...
Separation of Duty (SoD) is widely considered to be a fundamental principle in computer security. A ...
There are considerable number of approaches to policy specification both for security management and...
International audienceThis paper evaluates the security specification techniques that employ Role Ba...
In today’s business world, many organizations use Information Systems to many their sensitive and bu...
Separation of duty constraints define mutual exclusion relations between two entities (e.g. two perm...
Separation of Duties (SoD) aims at preventing fraud and errors by distributing tasks and associated ...
Separation of duties (SoD) is an important concept aimed to constrain the excessive powers of subjec...
AbstractANSI RBAC is a standard for a consistent and uniform definition on Role Based Access Control...
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies ...
In operating systems, privilege is used to control the most important resources and functions, so ad...
Separation of Duty (SOD) is a fundamental principle in security systems and has a long history in co...
Separation of duty is an important constraint in role-based access control model and is used to reso...
Role based access control (RBAC) is attracting increasing attention as a security mechanism for both...
Separation of duty is an important constraint in role-based access control model and is used to reso...
Separation of Duty (SoD) is widely recognized to be a fundamental principle in computer security. A ...
Separation of Duty (SoD) is widely considered to be a fundamental principle in computer security. A ...
There are considerable number of approaches to policy specification both for security management and...
International audienceThis paper evaluates the security specification techniques that employ Role Ba...
In today’s business world, many organizations use Information Systems to many their sensitive and bu...
Separation of duty constraints define mutual exclusion relations between two entities (e.g. two perm...
Separation of Duties (SoD) aims at preventing fraud and errors by distributing tasks and associated ...
Separation of duties (SoD) is an important concept aimed to constrain the excessive powers of subjec...
AbstractANSI RBAC is a standard for a consistent and uniform definition on Role Based Access Control...
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies ...
In operating systems, privilege is used to control the most important resources and functions, so ad...