Issue No.06 - November/December (2007 vol.5)
David Ferraiolo , US National Institute of Standards and Technology
Rick Kuhn , US National Institute of Standards and Technology
Ravi Sandhu , University of Texas at San Antonio
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.173
As the authors of the original proposal for the role-based access control (RBAC) standard and developers of the models from which it derives, the authors respond here to Ninghui Li, Ji-Won Byun, and Elisa Bertino's critique, which also appears in this issue. This is an opportune time in the revision cycle to introduce proposals for changes to the standard.
standards, role-based access control, RBAC, security, authorization, emerging standards
David Ferraiolo, Rick Kuhn, Ravi Sandhu, "RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role-Based Access Control"", IEEE Security & Privacy, vol.5, no. 6, pp. 51-53, November/December 2007, doi:10.1109/MSP.2007.173