| Document Type
|
:
|
BL
|
| Record Number
|
:
|
997384
|
| Doc. No
|
:
|
b751754
|
| Main Entry
|
:
|
Ferraiolo, David.
|
| Title & Author
|
:
|
Role-based access control /\ David F. Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli.
|
| Edition Statement
|
:
|
2nd ed.
|
| Publication Statement
|
:
|
Boston :: Artech House,, ©2007.
|
| Series Statement
|
:
|
Artech House information security and privacy series
|
| Page. NO
|
:
|
1 online resource (xix, 381 pages) :: illustrations.
|
| ISBN
|
:
|
1596931140
|
|
|
:
|
: 1596932074
|
|
|
:
|
: 9781596931145
|
|
|
:
|
: 9781596932074
|
|
|
:
|
1596931132
|
|
|
:
|
9781596931138
|
| Bibliographies/Indexes
|
:
|
Includes bibliographical references and index.
|
| Contents
|
:
|
Preface; Acknowledgments; Chapter 1 Introduction; Chapter 2 Access Control: Properties, Policies, and Models; Chapter 3 Core RBAC Features; Chapter 4 Role Hierarchies; Chapter 5 SoD and Constraints in RBAC Systems; Chapter 6 RBAC, MAC, and DAC; Chapter 7 Privacy and Regulatory Issues; Chapter 8 RBAC Standards and Profiles; Chapter 9 Role-Based Administration of RBAC; Chapter 10 Role Engineering; Chapter 11 Enterprise Access Control Frameworks Using RBAC and XML Technologies; Chapter 12 Integrating RBAC with Enterprise IT Infrastructures
|
|
|
:
|
Chapter 13 Migrating to RBAC-Case Study: Multiline Insurance CompanyChapter 14 RBAC Features in Commercial Products; Appendix A: XML Schema for the RBAC Model; Appendix B: XML-Encoded Data for RBAC Model
|
| Abstract
|
:
|
This newly revised edition of the Artech House bestseller, Role-Based Access Control, offers you the very latest details on this sophisticated security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition provides more comprehensive and updated coverage of access control models, new RBAC standards, new in-depth case studies and discussions on role engineering and the design of role-based systems. The book shows you how RBAC simplifies security administration by using roles, hierarchies, and constraints to manage the review and control of organizational privileges. Moreover, it explains how RBAC makes it possible to specify many types of enterprise security policies. This unique resource covers all facets of RBAC, from its solid model-theoretic foundations to its implementation within commercial products. You learn how to use RBAC to emulate other access control models and find frameworks and tools for administering RBAC. Research prototypes that have incorporated RBAC into various classes of software like WFMS, Web server, OS (Unix) and Java (JEE) are reviewed. Products implementing RBAC features such as relational DBMS and Enterprise Security Administration (ESA) systems are described to serve as a guide to the state of practice of RBAC.
|
| Subject
|
:
|
Computer networks-- Access control.
|
| Subject
|
:
|
Computer security.
|
| Subject
|
:
|
Computers-- Access control.
|
| Subject
|
:
|
Computer networks-- Access control.
|
| Subject
|
:
|
Computer security.
|
| Subject
|
:
|
Computers-- Access control.
|
| Subject
|
:
|
COMPUTERS-- Internet-- Security.
|
| Subject
|
:
|
COMPUTERS-- Networking-- Security.
|
| Subject
|
:
|
COMPUTERS-- Security-- General.
|
| Subject
|
:
|
Computersicherheit
|
| Subject
|
:
|
Rollenbasierte Zugriffskontrolle
|
| Subject
|
:
|
Sécurité informatique.
|
| Dewey Classification
|
:
|
005.8
|
| LC Classification
|
:
|
QA76.9.A25F47 2007eb
|
| NLM classification
|
:
|
ST 276rvk
|
| Added Entry
|
:
|
Chandramouli, Ramaswamy.
|
|
|
:
|
Kuhn, D. Richard.
|