The Community for Technology Leaders
RSS Icon
Issue No.06 - Nov.-Dec. (2011 vol.13)
pp: 54-57
Edward J. Coyne , High Performance Technologies, Inc.
Timothy R. Weil , Raytheon Polar Services
Rick Kuhn , US National Institute of Standards and Technology
<p>Most of today's large firms use some form of role-based access control (RBAC) to support thousands of users and permission controls. Recognizing the need for some commonality among the various RBAC models, the National Institute of Standards and Technology proposed the NIST Model for RBAC in 2000. NIST is now working to update and enhance this standard.</p>
Keywords: Standards, role-based access control (RBAC), role engineering, information technology
Edward J. Coyne, Timothy R. Weil, Rick Kuhn, "Role Engineering: Methods and Standards", IT Professional, vol.13, no. 6, pp. 54-57, Nov.-Dec. 2011, doi:10.1109/MITP.2011.105
1. A.C. O'Connor and R.J. Loomis, "Economic Analysis of Role-Based Access Control," Research Triangle Inst., Dec. 2010; 20101219_RBAC2_Final_Report.pdf.
2. "The President," Critical Infrastructure Executive Order 13010, Federal Register, vol. 61, no. 138, 1996; .
3. "Presidential Directive 63," Presidential Decision Directive, 22 May 1998;
4. "Critical Infrastructure Protection in the Information Age," Executive Order EO13231, 16 Oct. 2001;
5. Standard CIP–007–1, Cyber Security—Systems Security Management, North America Electric Reliability Corp., 2009;
6. K.D. Gordon et al., "Accounting Data Security at JEA Using Role-Based Access Controls," University of North Florida, 2011; .
7. E.J. Coyne, D.R. Kuhn, and T.R. Weil, "ANSI/INCITS 459-2011," Information Technology: Requirements for the Implementation and Interoperability of Role Based Access Control, Jan. 2011;|459_2011;product_id=1777986 .
8. D.R. Kuhn, E.J. Coyne, and T.R. Weil, "Adding Attributes to Role Based Access Control," Computer, vol. 43, no. 6, 2010; kuhn-coyne-weil-10.pdf.
3 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool