The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - Nov.-Dec. (2011 vol.13)
pp: 54-57
Edward J. Coyne , High Performance Technologies, Inc.
Timothy R. Weil , Raytheon Polar Services
Rick Kuhn , US National Institute of Standards and Technology
ABSTRACT
<p>Most of today's large firms use some form of role-based access control (RBAC) to support thousands of users and permission controls. Recognizing the need for some commonality among the various RBAC models, the National Institute of Standards and Technology proposed the NIST Model for RBAC in 2000. NIST is now working to update and enhance this standard.</p>
INDEX TERMS
Keywords: Standards, role-based access control (RBAC), role engineering, information technology
CITATION
Edward J. Coyne, Timothy R. Weil, Rick Kuhn, "Role Engineering: Methods and Standards", IT Professional, vol.13, no. 6, pp. 54-57, Nov.-Dec. 2011, doi:10.1109/MITP.2011.105
REFERENCES
1. A.C. O'Connor and R.J. Loomis, "Economic Analysis of Role-Based Access Control," Research Triangle Inst., Dec. 2010; http://csrc.nist.gov/groups/SNS/rbac/documents 20101219_RBAC2_Final_Report.pdf.
2. "The President," Critical Infrastructure Executive Order 13010, Federal Register, vol. 61, no. 138, 1996; http://frwebgate.access.gpo.gov/cgi-bingetdoc.cgi?dbname=1996_register&docid=fr17jy96-92.pdf .
3. "Presidential Directive 63," Presidential Decision Directive, 22 May 1998; www.fas.org/irp/offdocs/pddpdd-63.htm.
4. "Critical Infrastructure Protection in the Information Age," Executive Order EO13231, 16 Oct. 2001; www.fas.org/irp/offdocs/eoeo-13231.htm.
5. Standard CIP–007–1, Cyber Security—Systems Security Management, North America Electric Reliability Corp., 2009; www.nerc.com/filesCIP-007-1.pdf.
6. K.D. Gordon et al., "Accounting Data Security at JEA Using Role-Based Access Controls," University of North Florida, 2011; http://aaahq.org/AM2011display.cfm?Filename=SubID%5F2382%2Epdf&MIMEType=application%2Fpdf .
7. E.J. Coyne, D.R. Kuhn, and T.R. Weil, "ANSI/INCITS 459-2011," Information Technology: Requirements for the Implementation and Interoperability of Role Based Access Control, Jan. 2011; www.techstreet.com/cgi-bindetail?doc_no=incits|459_2011;product_id=1777986 .
8. D.R. Kuhn, E.J. Coyne, and T.R. Weil, "Adding Attributes to Role Based Access Control," Computer, vol. 43, no. 6, 2010; http://csrc.nist.gov/groups/SNS/rbac/documents kuhn-coyne-weil-10.pdf.
635 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool