Supporting Parameterised Roles with Object-based Access Control

Evered, Mark Peter

Please use this identifier to cite or link to this item: https://hdl.handle.net/1959.11/4492

Full metadata record

DC Field	Value	Language
dc.contributor.author	Evered, Mark Peter	en
local.source.editor	Editor(s): R H Sprague Jr	en
dc.date.accessioned	2010-02-04T16:14:00Z	-
dc.date.issued	2003	-
dc.identifier.citation	Proceedings of the 36th Annual Hawaii International Conference on System Sciences, p. 1-9	en
dc.identifier.isbn	0769518745	en
dc.identifier.uri	https://hdl.handle.net/1959.11/4492	-
dc.description.abstract	The per-method access control lists of standard internet technologies allow only simple forms of access control to be expressed and enforced. They also fail to enforce a strict need-to-know view of persistent data. Real applications require more flexible security constraints including parameter restrictions, logging of accesses and state-dependent access constraints. In particular, the concept of parameterised roles, central to a fine-grained specification of access rules and compliance with privacy laws, should be supported in a natural way. In this paper we demonstrate how an object-based approach using the mechanism of bracket capabilities can be used to enforce various kinds of access constraints including discretionary, mandatory and parameterised role-based access control. We give examples from a health information system incorporating secure patient access and secure access by appropriate medical and administrative personnel.	en
dc.language	en	en
dc.publisher	Institute of Electrical and Electronics Engineers (IEEE)	en
dc.relation.ispartof	Proceedings of the 36th Annual Hawaii International Conference on System Sciences	en
dc.title	Supporting Parameterised Roles with Object-based Access Control	en
dc.type	Conference Publication	en
dc.relation.conference	HICSS-36 (2003): 36th Annual Hawaii International Conference on System Sciences	en
dc.identifier.doi	10.1109/HICSS.2003.1174463	en
dc.subject.keywords	Data Format	en
local.contributor.firstname	Mark Peter	en
local.subject.for2008	080499 Data Format not elsewhere classified	en
local.subject.seo2008	899999 Information and Communication Services not elsewhere classified	en
local.profile.school	School of Science and Technology	en
local.profile.email	mevered@une.edu.au	en
local.output.category	E1	en
local.record.place	au	en
local.record.institution	University of New England	en
local.identifier.epublicationsrecord	pes:964	en
local.date.conference	6th - 9th January, 2003	en
local.conference.place	Waikoloa, United States of America	en
local.publisher.place	Los Alamitos, United States of America	en
local.format.startpage	1	en
local.format.endpage	9	en
local.identifier.scopusid	84969506875	en
local.contributor.lastname	Evered	en
dc.identifier.staff	une-id:mevered	en
local.profile.role	author	en
local.identifier.unepublicationid	une:4599	en
dc.identifier.academiclevel	Academic	en
local.title.maintitle	Supporting Parameterised Roles with Object-based Access Control	en
local.output.categorydescription	E1 Refereed Scholarly Conference Publication	en
local.relation.url	http://trove.nla.gov.au/work/20545430	en
local.conference.details	HICSS-36 (2003): 36th Annual Hawaii International Conference on System Sciences, Waikoloa, Hawaii, 6th - 9th January, 2003	en
local.search.author	Evered, Mark Peter	en
local.uneassociation	Unknown	en
local.year.published	2003	en
local.date.start	2003-01-06	-
local.date.end	2003-01-09	-
Appears in Collections:	Conference Publication School of Science and Technology

Files in This Item:

2 files

File	Description	Size	Format

Show simple item record

SCOPUS^TM
Citations

1

checked on Mar 23, 2024

Page view(s)

1,212

checked on Mar 24, 2024

Google Scholar^TM

Check

Research UNE

Files in This Item:

SCOPUS^TM
Citations

Page view(s)

Google Scholar^TM

Altmetric

Research UNE

Files in This Item:

SCOPUSTM Citations

Page view(s)

Google ScholarTM

Altmetric

SCOPUS^TM
Citations

Google Scholar^TM