Role-Based Access Control.
Material type: TextPublisher: Norwood : Artech House, 2003Copyright date: ©2003Edition: 2nd edDescription: 1 online resource (336 pages)Content type: text Media type: computer Carrier type: online resourceISBN: 9781580533249Subject(s): Computer networks -- Access control | Computer security | Computers -- Access controlGenre/Form: Electronic books.Additional physical formats: Print version:: Role-Based Access ControlDDC classification: 005.8 LOC classification: QA76.9.A25 -- F47 2003ebOnline resources: Click to ViewRole-Based Access Control -- Contents vii -- Preface xv -- Acknowledgements xvii -- Chapter 1 Introduction 1 -- 1.1 The purpose and fundamentals of access control 2 -- 1.2 A brief history of access control 6 -- 1.3 Comparing RBAC to DAC and MAC 16 -- 1.4 RBAC and the enterprise 18 -- References 23 -- Chapter 2 Access Control Policy, Models, and Mechanisms--Concepts and Examples 27 -- 2.1 Policy, models, and mechanisms 27 -- 2.2 Subjects and objects 30 -- 2.3 Reference monitor and security kernel 31 -- 2.4 DAC policies 35 -- 2.5 Access control matrix 36 -- 2.6 MAC policies and models 39 -- 2.7 Biba's integrity model 41 -- 2.8 Clark-Wilson model 42 -- 2.9 The Chinese wall policy 44 -- 2.10 The Brewer-Nash model 45 -- 2.11 Domain-type enforcement model 46 -- References 48 -- Chapter 3 Core RBAC Features 51 -- 3.1 Role versus ACL groups 53 -- 3.2 Core RBAC 55 -- 3.3 Mapping the enterprise view to the system view 59 -- Chapter 4 Role Hierachies 67 -- 4.1 Building role hierarchies from flat roles 68 -- 4.2 Inheritance schemes 69 -- 4.3 Hierarchy structures and inheritance forms 75 -- 4.4 Accounting for role types 83 -- 4.5 General and limited role hierarchies 84 -- 4.6 Accounting for the Standford model 87 -- References 89 -- Chapter 5 SoD and Constraints in RBAC Systems 91 -- 5.1 Types of SoD 94 -- 5.2 Using SoD in real systems 101 -- 5.3 Temporal constraints in RBAC 112 -- References 117 -- Chapter 6 RBAC, MAC, and DAC 121 -- 6.1 Enforcing DAC using RBAC 122 -- 6.2 Enforcing MAC on RBAC systems 125 -- 6.3 Implementing RBAC on MLS systems 130 -- 6.4 Running RBAC and MAC simultaneously 136 -- References 138 -- Chapter 7 NIST's Proposed RBAC Standard 141 -- 7.1 Overview 141 -- 7.2 Funtional specification packages 142 -- 7.3 The RBAC reference model 144 -- 7.4 Functional specification overview 145 -- 7.5 Functional specification for core RBAC 146.
7.6 Functional specification for hierarchical RBAC 147 -- 7.7 Functional specification for SSD relation 150 -- 7.8 Functional specification for a DSD relation 152 -- Reference 153 -- Chapter 8 Role-Based Administration of RBAC 155 -- 8.1 Background and terminology 155 -- 8.2 URA02 and PRA02 158 -- 8.3 Crampton-Loizou adminstrative model 162 -- 8.4 Role control center 169 -- References 178 -- Chapter 9 Enterprise Access Control Framework Using RBAC and XML Technologies 179 -- 9.1 Conceptual view of EAFs 179 -- 9.2 Enterprise Access Central Model Requirements 182 -- 9.3 EAM specification and XML schemas 184 -- 9.4 Specification of the ERBAC model in the XML schema 186 -- 9.5 Encoding of enterprise access control data in XML 193 -- 9.6 Verification of the ERBAC model and data specifications 197 -- 9.7 Limitations of XML schemas for ERBAC model constraint representation 198 -- 9.8 Using XML-encoded enterprise access control data for enterprisewide access control implementation 202 -- 9.9 Conclusion 208 -- References 208 -- Chapter 10 Integrating RBAC with Enterprise IT Infrastructures 211 -- 10.1 RBAC for WFMSs 212 -- 10.2 RBAC intergration in Web environments 220 -- 10.3 RBAC for UNIX envrionments 231 -- 10.4 RBAC in Java 239 -- 10.5 RBAC for FDBSs 246 -- 10.6 RBAC in autonomous security service modules 249 -- 10.7 Conclusions 251 -- References 251 -- Chapter 11 Migrating to RBAC--Case Study: Multiline Insurance Company 255 -- 11.1 Background 256 -- 11.2 Benefits of using RBAC to manage extranet users 256 -- 11.3 Benfits of using RBAC to manage employees (intranet users) 259 -- 11.4 RBAC implementation costs 260 -- 11.5 Time series of benefits and costs 262 -- Reference 264 -- Chapter 12 RBAC Features in Commerical Products 265 -- 12.1 RBAC in relational DBMS products 266 -- 12.2 RBAC in enterprise security administration software 274.
12.3 Conclusions 292 -- References 293 -- Appendix A 295 -- Appendix B 299 -- About the authors 303 -- Index 305.
Role-based access control (RBAC) is a security mechanism that can greatly lower the cost and complexity of security administration for large networked applications. RBAC simplifies security administration by using roles, hierarchies, and constraints to organize privileges. This book explains these components of RBAC, as well as how to support and administer RBAC in a networked environment and how to integrate it with existing infrastructure.
Description based on publisher supplied metadata and other sources.
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2018. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
There are no comments on this title.