Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper we present a formal framework relying on an extension of the pi calculus to study the behavior of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a bisimulation to equate systems. The theory is then applied to three meaningful examples, namely finding the 'minimal' policy to run a given system, refining a system to be run under a given policy (whenever possible), and minimizing the number of users in a given system without chan...
Role-based access control (RBAC) has become today's dominant access control model, and many of its t...
Abstract. Role-based access control (RBAC) is recognized as an excellent model for access control in...
Abstract. To date, no methodical approach has been found to integrate multiple access control extens...
Role-based access control (RBAC) is increasingly attracting attention because it reduces the complex...
Role-based access control (RBAC) is increasingly attracting attention because it reduces the comple...
Rôle-based access control (RBAC) is increasingly attracting attention because it reduces the comple...
International audienceSince its formalization RBAC has become the yardstick for the evaluation of ac...
We study some of the concepts, protocols, and algorithms for access control in distributed systems, ...
The basic concept of role-based access control (RBAC) is that permissions are associated with roles,...
The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In or...
Abstract. Making correct access-control decisions is central to security, which in turn requires acc...
Abstract. Role-based access control (RBAC) has been acknowledged as an effective mechanism for speci...
Abstract. This paper presents a framework for representing and distributing access control policies ...
Our society is increasingly moving towards richer forms of information exchange where mobility of pr...
In practice, assigning access permissions to users must satisfy a variety of constraints motivated b...
Role-based access control (RBAC) has become today's dominant access control model, and many of its t...
Abstract. Role-based access control (RBAC) is recognized as an excellent model for access control in...
Abstract. To date, no methodical approach has been found to integrate multiple access control extens...
Role-based access control (RBAC) is increasingly attracting attention because it reduces the complex...
Role-based access control (RBAC) is increasingly attracting attention because it reduces the comple...
Rôle-based access control (RBAC) is increasingly attracting attention because it reduces the comple...
International audienceSince its formalization RBAC has become the yardstick for the evaluation of ac...
We study some of the concepts, protocols, and algorithms for access control in distributed systems, ...
The basic concept of role-based access control (RBAC) is that permissions are associated with roles,...
The administration of large Role-Based Access Control (RBAC) systems is a challenging problem. In or...
Abstract. Making correct access-control decisions is central to security, which in turn requires acc...
Abstract. Role-based access control (RBAC) has been acknowledged as an effective mechanism for speci...
Abstract. This paper presents a framework for representing and distributing access control policies ...
Our society is increasingly moving towards richer forms of information exchange where mobility of pr...
In practice, assigning access permissions to users must satisfy a variety of constraints motivated b...
Role-based access control (RBAC) has become today's dominant access control model, and many of its t...
Abstract. Role-based access control (RBAC) is recognized as an excellent model for access control in...
Abstract. To date, no methodical approach has been found to integrate multiple access control extens...