Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Role-Based Access Control, Second Edition

Published

Author(s)

David F. Ferraiolo, David R. Kuhn, Ramaswamy Chandramouli

Abstract

[ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition provides more comprehensive and updated coverage of access control models, new RBAC standards, new in-depth case studies and discussions on role engineering and the design of role-based systems. The book shows how RBAC simplifies security administration by using roles, hierarchies, and constraints to manage the review and control of organizational privileges. Moreover, it explains how RBAC makes it possible to specify many types of enterprise security policies. This unique resource covers all facets of RBAC, from its solid model-theoretic foundations to its implementation within commercial products. You learn how to use RBAC to emulate other access control models and find frameworks and tools for administering RBAC. Research prototypes that have incorporated RBAC into various classes of software like WFMS, Web server, OS (Unix) and Java (JEE) are reviewed. Products implementing RBAC features such as relational DBMS and Enterprise Security Administration (ESA) systems are described to serve as a guide to the state of practice of RBAC.
Citation
Role-Based Access Control, Second Edition
Publisher Info
Artech House, Norwood, MA

Keywords

access control, enterprise security, RBAC, Role-Based Access Control

Citation

Ferraiolo, D. , Kuhn, D. and Chandramouli, R. (2006), Role-Based Access Control, Second Edition, Artech House, Norwood, MA (Accessed October 31, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 31, 2006, Updated February 19, 2017