260,861 Hits in 4.0 sec

Separation of duties for access control enforcement in workflow environments

R. A. Botha, J. H. P. Eloff
2001 IBM Systems Journal  
Previous work on separation of duty requirements often explored implementations based on role-based access control (RBAC) principles.  ...  A distinction between separation of duty requirements that can be enforced in administrative environments, namely static separation of duty, and requirements that can only be enforced in a run-time environment  ...  Thereafter a state-of-the-art review of research regarding separation of duty is given. Role-based access control.  ... 
doi:10.1147/sj.403.0666 fatcat:7m4ciotwqramlkz3ezksroda6m

A framework for separation of duties in an SAP R/3 environment

Adam Little, Peter J. Best
2003 Managerial Auditing Journal  
This paper proposes a framework for adequate separation of duties using a role-based approach in the financial accounting (FI) module of the R/3 system.  ...  This paper proposes a framework for the separation of duties in SAP R/3.  ...  for separation of duties in an SAP R/3 environment .  ... 
doi:10.1108/02686900310476882 fatcat:dfuhmnh7lffhjleumdvivswdwi

Access Control in Document-centric Workflow Systems — An Agent-based Approach

Reinhardt A. Botha, Jan H.P. Eloff
2001 Computers & security  
This paper enumerates three access control requirements of workflow environments, including the well-known principle of separation of duty.  ...  In conclusion it is demonstrated how this model can be implemented in an agent-based architecture.  ...  This paper showed that role-based access control principles are suitable for implementation as an access control mechanism in an agent-based workflow environment.  ... 
doi:10.1016/s0167-4048(01)00613-7 fatcat:s7pw2fav5ncvlibqp6gngleoqe

Security Policies in Distributed CSCW and Workflow Systems

Tanvir Ahmed, Anand R. Tripathi
2010 IEEE transactions on systems, man and cybernetics. Part A. Systems and humans  
Research challenges of role based access control models for security policies in distributed CSCW and workflow systems are presented.  ...  In this paper, we have surveyed Computer-Supported Cooperative Work (CSCW) and workflow systems based on a time-line and have categorized the systems based on their emphasis on user or process interactions  ...  Role based dynamic separation-of-duties: The static "separation of duties" may in some organizations turn out to be overly restrictive.  ... 
doi:10.1109/tsmca.2010.2046727 fatcat:ysjm5nn5hjeehpfa7k3xbmja64

An Access Control Model for Web Services with Dynamic Separation of Duty Rules

Hadiseh SeyyedAlipour, Mehdi Sabbari, Eslam Nazemi
2012 International Journal of Computer Applications  
One of the underlined issues in this model is Separation of Duty (SoD) policy, which is widely considered to be a fundamental security principle for prevention of fraud and errors in information security  ...  In this paper, an access control model is proposed that considers the necessary elements to represent authentication, authorization and access control aspects in SOA environment.  ...  According to the proposed definition of dynamic separation of duty, the concept of separation of duty will be implemented properly.  ... 
doi:10.5120/5694-7469 fatcat:zqgwxr2jffgvpkryq23s6k5uwm

Spatial role-based access control model for wireless networks

F. Hansen, V. Oleshchuk
2003 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484)  
In mobile computing environments (that offers location based services), availability of roles and permissions may depend on users location.  ...  To cope with the spatial requirements, we extend the existing RBAC model and propose a Spatial Role-based Access Control (SRBAC) model that utilize location information in security policy definitions.  ...  RBAC accomplish this by enforcing static separation of duties (SSD) and dynamic separation of duties (DSD).  ... 
doi:10.1109/vetecf.2003.1285394 fatcat:haheebec5fbcjbsngcisbftvxq

Specifying Separation of Duty Constraints in BPEL4People Processes [chapter]

Jan Mendling, Karsten Ploesser, Mark Strembeck
2008 Lecture Notes in Business Information Processing  
In particular, we discuss the importance of "separation of duty" constraints and identify options to specify such constraints in BPEL4People processes.  ...  Moreover, we identify and discuss shortcomings of the BPEL4People specifications that complicate and/or impede separation of duty enforcement.  ...  Static role-based SOD: In essence, static role-based separation of duty demands that two mutually-exclusive roles must not be assigned to the same subject.  ... 
doi:10.1007/978-3-540-79396-0_24 fatcat:5djo4njfyjainmqjkhl5czw4na

MIRBAC: A Role-Based Access Control Model for Multi-Domain Interoperability

Ting Cai, Jun-Zhan Wang
2017 International Journal of Security and Its Applications  
Compared with the prior studies, MIRBAC model supports separation of duties constraint under multi-domain environments, the security and management flexibility of interdomain authorization is greatly improved  ...  interoperable environment, and establish a role-based access control model based on multi-domain interoperability (MIRBAC).  ...  , respectively. for the all static separation of duty (SSD) constrain set and all dynamic separation of duty (DSD) constrain set in the multi-domain environment, respectively. the collection of the user  ... 
doi:10.14257/ijsia.2017.11.6.01 fatcat:zfgwbuxnbbfrnb3zbzoq6tqkva

Context-Dependent Access Control for Web-Based Collaboration Environments with Role-Based Approach [chapter]

Ruben Wolf, Markus Schneider
2003 Lecture Notes in Computer Science  
Furthermore, we show how to model this kind of context-dependent access control for web-based collaboration environments by using role-based concepts.  ...  Controlling access to resources is one of the most important protection goals for web-based collaboration environments in practice.  ...  conflicting roles simultaneously (dynamic separation of duty).  ... 
doi:10.1007/978-3-540-45215-7_22 fatcat:nmscmb2lxrbvzf72rwkbk7ij4y

Formal Description for an Object-Oriented Role-based Access Control Model

Chungen Xu, Sheng Gong
2009 Computer and Information Science  
control technology of RBAC in large-scale Web environments.  ...  In this paper, we develop a general model to control users' behaviors based on their roles actively, and proposes a framework of well-defined Formal Description for developers to build application-level  ...  There are two subtypes of SD: Static Separation of Duties (SSD) and Dynamic Separation of Duties (DSD).  ... 
doi:10.5539/cis.v2n2p68 fatcat:4f7hfix5prbg7dqstw6xdo45ky

Expertise Knowledge-Based Policy Refinement Process

Taufiq Rochaeli, Claudia Eckert
2007 Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07)  
Approve application Apply separation of duty Apply separation of duty Apply separation of duty 25.06.2007 POLICY '07, Bologna, Italy 5 Refining the State Labels • Source of the policy refinement  ...  s1 s2 s3 s4 Submit loan application Check rating Reevaluate application Grant application Apply separation of duty Apply separation of duty Apply separation of duty Prevent fraud  ... 
doi:10.1109/policy.2007.23 dblp:conf/policy/RochaeliE07 fatcat:wlxmolwesfb7rivyytoacgujmy

Dynamic Role-Based Access Control Model

Jun Zheng, Kun Qi Zhang, Wen Shang Zheng, An Yu Tan
2011 Journal of Software  
RBAC authorizes and controls the roles corresponding to the users to operate the object. It solves problems of least privilege, separation of duties and so on.  ...  With the rapid development of network and the coming of information age, access control is particularly important, role-based access control (RBAC) is an access control which is popular.  ...  ACKNOWLEDGEMENTS This work is partially funded by the Key Laboratory of Intelligent Information Technology of Beijing, China.We thank our colleagues for helpful discussions.  ... 
doi:10.4304/jsw.6.6.1096-1102 fatcat:2nku3qgpijcfzkb67jjvg47i4q


T. Finin, A. Joshi, L. Kagal, J. Niu, R. Sandhu, W. Winsborough, B. Thuraisingham
2008 Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT '08  
This paper studies the relationship between the Web Ontology Language (OWL) and the Role Based Access Control (RBAC) model.  ...  In parallel, and almost separately, researchers have developed policy languages for access control.  ...  Static and dynamic separation of duty The representation of static and dynamic separation of duty constraints is also more complicated here than in the earlier 'roles as classes' approach.  ... 
doi:10.1145/1377836.1377849 dblp:conf/sacmat/FininJKNSWT08 fatcat:m7lxuep7kndcpbqhx2nvypkrce

Dynamic Collaborations for Information Sharing within and across Virtual Teams

Ahmad Kamran Malik, Schahram Dustdar
2011 2011 Frontiers of Information Technology  
We extend the widely used Role-Based Access Control (RBAC) model with team and task entities in addition to sharing and privacy data elements.  ...  In such a dynamic environment, information sharing and privacy are critical issues for users, their teams and enterprises.  ...  Dynamic separation of duty is used to restrict number of roles activated in a session. DySP-RBAC uses team-based and task-based SoD constraints in addition to role-based SoD constraints.  ... 
doi:10.1109/fit.2011.45 dblp:conf/fit/MalikD11 fatcat:mt7w3u4oobblbfc4isu6gjei2i

Specifying and enforcing constraints in role-based access control

Jason Crampton
2003 Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03  
Constraints in access control in general and separation of duty constraints in particular are an important area of research.  ...  Finally, we propose a model for a scalable role-based reference monitor, based on dynamic access control structures, that can be used to enforce constraints in an efficient manner.  ...  Dynamic separation of duty typically constrains the activation of roles and invocation of permissions in the run-time environment.  ... 
doi:10.1145/775412.775419 dblp:conf/sacmat/Crampton03 fatcat:aj3uzg3yknd5bht4n7y7onxwv4
« Previous Showing results 1 — 15 out of 260,861 results