Role-based access control (RBAC) is used for managing authorisation in IT systems, by utilising the concept of roles. Existing approaches do not clearly define the term "role" in its different contexts as well as not considering the relation between roles and business process modelling. Therefore this work introduces business and system role-based access control (B&S-RBAC). Established role-based access control models are extended with a business perspective and the term role is defined from a business and from an IT perspective, resulting in business and system roles. The relation between them is shown in a meta-model and the usage of business roles for secure business process modelling is explained
Access control is currently one of the most important topics in ICT security. The main areas of rese...
Abstract. This paper focuses on problems of access control for business processes. The subject of th...
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies ...
Role-based access control (RBAC) is used for managing authorisation in IT systems, by utilising the ...
The basic concept of role-based access control (RBAC) is that permissions are associated with roles,...
The paper focuses on role engineering which is an important topic in the development of access contr...
The administration of users and their related permissions in the IT environment is a complex and exp...
Abstract This article introduces a family of reference models for role-based access control (RBAC) i...
Recently there has been considerable interest in role-based access control (RBAC) as an alternative,...
The role-based access control (RBAC) model has proven to be cost effective to reduce the complexity ...
In this paper we describe the work in progress with a process-oriented approach for role-finding to ...
The proper management of privacy and security constraints in information systems in general and acce...
Role-based Access Control (RBAC) models have been implemented not only in self-contained resource ma...
Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went int...
In large organizations with tens of thousands of employees, managing individual people’s permissions...
Access control is currently one of the most important topics in ICT security. The main areas of rese...
Abstract. This paper focuses on problems of access control for business processes. The subject of th...
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies ...
Role-based access control (RBAC) is used for managing authorisation in IT systems, by utilising the ...
The basic concept of role-based access control (RBAC) is that permissions are associated with roles,...
The paper focuses on role engineering which is an important topic in the development of access contr...
The administration of users and their related permissions in the IT environment is a complex and exp...
Abstract This article introduces a family of reference models for role-based access control (RBAC) i...
Recently there has been considerable interest in role-based access control (RBAC) as an alternative,...
The role-based access control (RBAC) model has proven to be cost effective to reduce the complexity ...
In this paper we describe the work in progress with a process-oriented approach for role-finding to ...
The proper management of privacy and security constraints in information systems in general and acce...
Role-based Access Control (RBAC) models have been implemented not only in self-contained resource ma...
Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went int...
In large organizations with tens of thousands of employees, managing individual people’s permissions...
Access control is currently one of the most important topics in ICT security. The main areas of rese...
Abstract. This paper focuses on problems of access control for business processes. The subject of th...
Role Based Access Control (RBAC) [6] is a popular approach to specify and enforce security policies ...