|
[1] R. S. Sandhu, P, Samarati, "Access Control: Principles and Practice", IEEE Comm. Magazine, Sep. 1994, p40-48 [2] R.S. Sandhu, E.J. Coyne, "Role-based Access Control Models", IEEE Computer, Feb, 1996, pp.38-47 [3] D.Ferraiolo, J. Cugini, and D.R.Kuhn. "Role Based Access Control: Features and Motivations", In Annual Computer Security Applications Conference. IEEE Compter Society Press, 1995. [4] John Barkley, "Implementing Role Based Access Control using Object Tecnology", First ACM Workshop on Role Based Access Control,November,1995 (http://hissa.ncsl.nist.gov/rbac/rbacot/titlewkshp.html). [5] R.S.Sandhu, et al, "Role-based Access Control: A Multi-Dimensional View", Proc. Of computer Security application Conf., Orlando, Florida, Dex5-9, 1994, pp. 54-62 [6] John Barkley, "Comparing Simple Role Based Access Control Models and Access Control Lists", August, 1997. [7] Fang Chen and Ravi S. Sandhu, "Constraints for Role-Based Access Control", ACM RBAC Workshop, MD, 1996 [8] John F. Barkley, Anthony V. Cincotta, David F. Ferraiolo, Serban Gavrilla, and D. Richard Kuhn, "Role Based Access Control for the World Wide Web", In 20th National Information System Security Conference. NIST/NSA, 1997. [9] David Ferraiolo and Richard Kuhn, "Rold-based Access Controls", In 15th NIST-NCSC National Computer Security Conference, pages 554-563, Baltimore, MD, October 13-16 1992. [10] Luigi Giuri, Pietro Iglio, Fondazione Ugo Bordoni, "A Formal Model For Role-Based Access Control with Constraints", Proceedings 9yh IEEE Computer Security Foundations Workshop, June 1996. [11] Roshan Thomas & Ravi Sandhu ,"Conceptual Foundations for a Model of Task-based Authorizations", Proceedings of the 7th IEEE Computer Security Foundations Workshop, Franconia, NH, June 1994, pages 66-79 [12] Ravi Sandhu, et al. "The ARBAC97 Model for Role-Based Administration of Roles: Preliminary Description and Outline", Proceedings of Second ACM Workshop on Role-Based Access Control, Fairfax, Virginia, November 6-7, 1997 [13] EDWARDG AMOROSO,"FUNDAMENTALS OF COMPUTER SECURITY TECHNOLOGY", 1994 [14] Roshan Thomas & Ravi Sandhu, "Task-based Authorization: A Paradigm for Flexible and Adaptable Access Control in Distributed Application", Proc. 16th NIST-NCSC National Computer Security Conference, Baltimore, MD, Sept, 20-23, 1993, pages 409-415 [15] Jiun-Der Yu,Shyh-In Hwang "Job-based Access Control Model" National Computer Symposium 1999 volume 3 pages 242-247 [16] Ravi S.Sandhu "Role-Based Access Control" September 17.1997 http://www.isse.gmu.edu/faculty/sandhu [17] Dieter Gollmann, ”COMPUTER SECURITY”, 1999 [18] Elisa Bertino, Elena Ferrari, Vijayalakshmi Atluri “A Flexible Model Supporting the Specification and Enforcemant of Role-based Authorization in Workflow Management Systems” In ACM Workshop on Role-Based Access Control, ACM 1997 [19] Elisa Bertino, Elena Ferrari, Vijay Atluri “The Specification and Eeformance Authorization Constrains in Workflow Management Sysyems”, ACM Transactions on Information and System Security, Vol. 2,No 1,February 1999, Pages 65-104. [20] C. Payne, D. Thomsen, J. Bogle and R. O’Brien, “Napoleon:A Recipe for Workflow” IEEE 1999 Pages134-142 [21] Jonathan D. Moffett “Control Principles and Role Hierarchies” 3rd ACM Workshop on Role-Based Access Fairfax VA. Page 63-69 [22] Gail-Joon Ahn, Ravi Sandhu, Myong Kang and Joon Park “Injecting RBAC to Secure a WEB-based Workflow System” [23] Wei-Kuang Huang, Vijayalakshmi Atluri “SecureFlow:A Secure Web-enabled Workflow Management System” In Proc.of the ACM Workshop on Role-based Accesses Control, 1999 Page 83-94
|