Title :
An RBAC Implementation and Interoperability Standard: The INCITS Cyber Security 1.1 Model
Author :
Coyne, Ed ; Weil, Tim
Author_Institution :
Sci. Applications Int. Corp., San Diego
Abstract :
An operational definition for role-based access control (RBAC) is that permission assignment is based on the role a principal is assuming during a work session. The central underlying concept is thus that IT permissions are assigned to roles rather than directly to users. This level of indirection can provide simpler security administration and finer-grained access control policies.
Keywords :
authorisation; computer crime; open systems; IT permission assignment; cyber security 1.1 model; information technology standard; interoperability; role-based access control; Access control; Command and control systems; Computer security; Government; Information security; Medical services; National security; Permission; Standards development; Switches; Emerging Standards; International Committee for Information Technology Standards (INCITS); RBAC; RBAC Implementation and Interoperability Standard; role-based access control;
Journal_Title :
Security & Privacy, IEEE
