Rebuttal to the NIST RBAC model proposal

Trent Jaeger; Jonathon E. Tidswell

doi:10.1145/344287.344302

Rebuttal to the NIST RBAC model proposal

Trent Jaeger, Jonathon E. Tidswell

Research output: Contribution to conference › Paper › peer-review

14 Scopus citations

Abstract

In this abstract, we rebut the proposed RBAC unified reference model as defined by Sandhu, Ferriaolo, and Kuhn. As a unified reference model, this proposal simply re-enforces some of the concepts that are fundamental to RBAC (i.e., roles, users, and permissions) without clarifying the more complex concepts. Also, the definitions of the concepts are too informal to drive any useful standards proposal. We suggest formalizing the base concepts, including the addition of role administration, and that more work is necessary for constraints to be useful.

Original language	English (US)
Pages	65-66
Number of pages	2
DOIs	https://doi.org/10.1145/344287.344302
State	Published - 2000
Event	5th ACM Workshop on Role-Based Access Control (RBAC) - Berlin, Ger Duration: Jul 26 2000 → Jul 27 2000

Conference

Conference	5th ACM Workshop on Role-Based Access Control (RBAC)
City	Berlin, Ger
Period	7/26/00 → 7/27/00

All Science Journal Classification (ASJC) codes

Computer Science(all)

Access to Document

10.1145/344287.344302

Cite this

@conference{dccc20f52553440db2067efb09780637,

title = "Rebuttal to the NIST RBAC model proposal",

abstract = "In this abstract, we rebut the proposed RBAC unified reference model as defined by Sandhu, Ferriaolo, and Kuhn. As a unified reference model, this proposal simply re-enforces some of the concepts that are fundamental to RBAC (i.e., roles, users, and permissions) without clarifying the more complex concepts. Also, the definitions of the concepts are too informal to drive any useful standards proposal. We suggest formalizing the base concepts, including the addition of role administration, and that more work is necessary for constraints to be useful.",

author = "Trent Jaeger and Tidswell, {Jonathon E.}",

year = "2000",

doi = "10.1145/344287.344302",

language = "English (US)",

pages = "65--66",

note = "5th ACM Workshop on Role-Based Access Control (RBAC) ; Conference date: 26-07-2000 Through 27-07-2000",

}

TY - CONF

T1 - Rebuttal to the NIST RBAC model proposal

AU - Jaeger, Trent

AU - Tidswell, Jonathon E.

PY - 2000

Y1 - 2000

N2 - In this abstract, we rebut the proposed RBAC unified reference model as defined by Sandhu, Ferriaolo, and Kuhn. As a unified reference model, this proposal simply re-enforces some of the concepts that are fundamental to RBAC (i.e., roles, users, and permissions) without clarifying the more complex concepts. Also, the definitions of the concepts are too informal to drive any useful standards proposal. We suggest formalizing the base concepts, including the addition of role administration, and that more work is necessary for constraints to be useful.

AB - In this abstract, we rebut the proposed RBAC unified reference model as defined by Sandhu, Ferriaolo, and Kuhn. As a unified reference model, this proposal simply re-enforces some of the concepts that are fundamental to RBAC (i.e., roles, users, and permissions) without clarifying the more complex concepts. Also, the definitions of the concepts are too informal to drive any useful standards proposal. We suggest formalizing the base concepts, including the addition of role administration, and that more work is necessary for constraints to be useful.

UR - http://www.scopus.com/inward/record.url?scp=0033646047&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0033646047&partnerID=8YFLogxK

U2 - 10.1145/344287.344302

DO - 10.1145/344287.344302

M3 - Paper

AN - SCOPUS:0033646047

SP - 65

EP - 66

T2 - 5th ACM Workshop on Role-Based Access Control (RBAC)

Y2 - 26 July 2000 through 27 July 2000

ER -

Rebuttal to the NIST RBAC model proposal

Abstract

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Cite this