The Community for Technology Leaders
RSS Icon
Issue No.06 - November/December (2007 vol.5)
pp: 51-53
David Ferraiolo , US National Institute of Standards and Technology
Ravi Sandhu , University of Texas at San Antonio
As the authors of the original proposal for the role-based access control (RBAC) standard and developers of the models from which it derives, the authors respond here to Ninghui Li, Ji-Won Byun, and Elisa Bertino's critique, which also appears in this issue. This is an opportune time in the revision cycle to introduce proposals for changes to the standard.
standards, role-based access control, RBAC, security, authorization, emerging standards
David Ferraiolo, Ravi Sandhu, "RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role-Based Access Control"", IEEE Security & Privacy, vol.5, no. 6, pp. 51-53, November/December 2007, doi:10.1109/MSP.2007.173
1. D.F. Ferraiolo and D.R. Kuhn, "Role-Based Access Control," Proc. 15th Nat'l Computer Security Conf., US Nat'l Security Agency/Nat'l Inst. of Standards and Technology, 1992, pp. 554–563; .
2. R. Sandhu et al., "Role-Based Access Control Models," Computer, vol. 29, no. 2, 1996, pp. 38–47.
3. R. Sandhu, D. Ferraiolo, and R. Kuhn, "The NIST Model for Role-Based Access Control: Towards a Unified Standard," Proc. 5th ACM Workshop on Role-Based Access Control, ACM Press, 2000, pp. 47–63.
38 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool