Issue No. 06 - November/December (2007 vol. 5)
ISSN: 1540-7993
pp: 41-49
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.158
Ji-Won Byun , Purdue University
Ninghui Li , Purdue University
Elisa Bertino , Purdue University
ABSTRACT
Vendors have widely adopted RBAC to manage user access to computer resources in various products, including database management systems. However, as this analysis shows, the standard is hindered by limitations, errors, and design flaws.
INDEX TERMS
role-based access control, security, authorization management, standards
CITATION
Ji-Won Byun, Ninghui Li, Elisa Bertino, "A Critique of the ANSI Standard on Role-Based Access Control", IEEE Security & Privacy, vol. 5, no. , pp. 41-49, November/December 2007, doi:10.1109/MSP.2007.158
