References

Next: About this document Up: Bringing Role-Based Access Control Previous: Future work

References

Note

Some citations include Universal Resource Locators (URLs). These URLs have been verified to be correct at the time of printing. Due to the dynamic nature of the Internet, there are unfortunately no guarantees for how long an URL will remain operable. However, as long as a resource remains available electronically, effort and delays in obtaining a reference can be greatly reduced. For this reason we have, despite their limited persistence, decided to include a URL with citations where an electronic copy or information is available.

AB96

Ross Anderson and Bli Biham. Tiger: A Fast New Hash Function. In Dieter Gollmann, editor, Fast software encryption: Third International Workshop, pages 89--97. Springer-Verlag, 1996.

Atk95a

R. Atkinson. IP Authentication Header. RFC 1826, August 1995.

Atk95b

R. Atkinson. IP Encapsulating Security Payload (ESP). RFC 1827, August 1995.

Atk95c

R. Atkinson. Security Architecture for the Internet Protocol. RFC 1825, August 1995.

Att

Attachmate. PathWay Server NFS for OpenVMS. Product information, World Wide Web document.

http://www.attachmate.com
[2]/OSG/NFSServerVMS/default.asp.

Bid79

Bruce J. Biddle. Role Theory -- Expectations, Identities and Behaviours. Academic Press, 1979. ISBN 0-12-095950-X.

Bok95

S. N. Bokhari. The Linux operating system. Computer, 28(8):77--9, Aug 1995.

CCI88

CCITT. Blue Book, Volume VIII - Fascicle VIII.8, Data Communication Networks Directory, Recommendations X.500-X.521. CCITT, 1988. ISBN 92-61-03731-3.

CHN94

S. Chapin, W. Herndon, L. Notargiacomo, M. Katz, and T. Mowbray. Security for the Common Object Request Broker Architecture (CORBA). In Proceedings 10th Annual Computer Security Applications Conference (Cat. No.94TH8032), pages 21--30. IEEE Comput. Soc. Press, Los Alamitos, CA, USA, 1994. ISSN/ISBN 0 8186 6795 8.

CP96

G. Cattaneo and G. Persiano. Design and Implementation of a Transparent Cryptographic File System for Unix. Technical report, Dip. Informatica ed Appl., Universta di Salerno, Baronissi(SA), Italy, 1996. URL: ftp://edu-gw.dia.unisa.it/pub/tcfs/tcfs.ps.gz.

CPS95

B. Callaghan, B. Pawlowski, and P. Staubach. NFS Version 3 Protocol Specification. RFC 1813, June 1995.

CS92

Silvana Castano and Pierangela Samarati. An Object-Oriented Security Model for Office Environments. In Larry D. Sanson, editor, International Carnahan Conference on Security Technology 26, pages 146--152. IEEE, 1992.

dBB94

B. den Boer and A. Bosselaers. Collisions for the compression function of MD5. In Advances in Cryptology: Eurocrypt '93, pages 293--304. Springer-Verlag, 1994.

DH76

W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, IT(I22):644--654, Nov 1976.

DHTK93

S. A. Demurijian, M.-Y. Hu, T. C. Ting, and D. Kleinman. Towards an Authorization Mechanism for User-Role Based Security in an Object-Oriented Design Model. In Twelfth Annual International Phoenix Conference on Computers And Communications, pages 195--202, New York, NY, USA, 1993. IEEE. ISBN 0-7803-0922-7.

Dob96

Hans Dobbertin. Cryptanalysis of MD4. In Fast Software Encryption: Third International Workshop, Cambridge, UK, pages 53--69. Springer-Verlag, 1996.

DOD85

US Department of Defense. Trusted Computer System Evaluation Criteria. DOD5200.28-STD, Dec 1985.

ECM96

ECMA. Standard ECMA--219, Authentication and Privilege Attribute Security Application with Related Key Distribution Functions. 114 Rue du Rhône, CH-1204 Geneva, Switzerland, March 1996. http://www.ecma.ch/stand/ecma-219.HTM.

GDS97

Mats Gustafsson, Benoit Deligny, and Nahid Shahmehri. Using NFS to implement Role-Based Access Control. In Proceedings Sixth IEEE Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pages 299--304, MIT, Cambridge, Massachusetts, USA., June 1997. IEEE Computer Society Press. ISBN 0-8186-7967-0.

GS96

Mats Gustafsson and Nahid Shahmehri. A Role Description Framework and its Applications to Role-Based Access Control. In NORDSEC '96 -- Nordic Workshop on Secure Computer Systems, Gothenburg, Sweden, Nov 1996. SIG Security/Dept. of Computer Engineering, Chalmers University of Technology. Also presented at the IEEE WET ICE '96 Workshop on Enterprise Security, Stanford University, Palo Alto, June 19--21 1996.

ISO96

Information technology --- Open Systems Interconnection --- Security frameworks for open systems: Access control framework. International standard ISO/IEC 10181-3, Sep 1996.

JH92

K.M. Jackson and J. Hruska, editors. Computer Security Reference Book. Butterworht-Heinemann, Oxford, 1992. ISBN 0-7506-0357-7.

Kle86

S. R. Kleiman. Vnodes: An Architecture for Multiple File Systems Types in Sun UNIX. In Proceedings of the Summer 1986 USENIX Conference, pages 238--247, Atlanta, Jun 1986.

KN93

J. Kohl and C. Neuman. The Kerberos Network Authentication Service (V5) . RFC 1510, September 1993.

Lin

The Linux Home Page. World Wide Web page. URL: http://www.linux.org/.

Lin93

J. Linn. Generic Security Service Application Program Interface. RFC 1508, Sept 1993.

Lin97

J. Linn. Generic Security Service Application Program Interface, Version 2. RFC 2078, January 1997. Obsoletes RFC 1508.

LM91

X. Lai and J. L. Massey. A proposal for a new block encryption standard. In Advances in Cryptology --- Eurocrypt '90. Springer-Verlag, 1991.

LMSY95

Emil C. Lupu, Damian A. Marriott, Morris S. Sloman, and Nicholas Yialelis. A Policy Based Role Framework for Access Control. In First ACM Workshop on Role-Based Access Control, Gaithersburg, Maryland, Nov 1995. URL ftp://dse.doc.ic.ac.uk/dse-papers/management/rbac95.ps.Z.

Mar93

Damian A. Marriott. Management Policy Specification. Research Report DoC 94/1, Imperial College, Department of Computing, 180 Queens's Gate, London, SW7 2BZ, Uk, Nov 1993. URL ftp://dse.doc.ic.ac.uk/dse-papers/management/policy_spec.ps.gz.

McL87

William T. McLeod, editor. The New Collins Concise Dictionary of the English Language. Guild Publishing London, 1987.

MD94

Imtiaz Mohammed and David M. Dilts. Design for Dynamic User-Role-Based Security. Computers & Security, 13(8):661--71, 1994.

Mic

Sun Microsystems. Solstice Network Client -- PC-NFS1exTM 5.1. Product information, World Wide Web document.

http://www.sun.com
[2]/sunsoft/solstice/Networking-products/PC-NF S51.html.

Mos92

Robin Moses. Computer Security Reference Book, chapter on Risk Analysis and Management, pages 227--263. Butterworht-Heinemann, Oxford, 1992. ISBN 0-7506-0357-7.

Nat93

National Institute of Standards and Technology (NIST). Data Encryption Standard (DES). Federal Information Processing Standards Publication (FIPS PUB) 46-2, December 1993. http://csrc.ncsl.nist.gov/fips.

Nat95

National Institute of Standards and Technology (NIST). Secure Hash Standard. Federal Information Processing Standards Publication (FIPS PUB) 180-1, April 1995. http://csrc.ncsl.nist.gov/fips.

NO93a

Matunda Nyanchama and Sylvia Osborn. Role-Based Security, Object Oriented Databases & Separation of Duty. SIGMOD RECORD, 22(4):45--51, Dec 1993.

NO93b

Matunda Nyanchama and Sylvia Osborn. Role-Based Security: Pros, Cons & Some Research Directions. ACM SIGSAC Review, 2(2):11--17, June 1993. URL http://www.csd.uwo.ca/tech-reports/442/roles.ps.Z.

NO94

Matunda Nyanchama and Sylvia Osborn. Access Rights Administration in Role-Based Security Systems. In J. Biskup, M. Morgenstern, and C. E. Landwehr, editors, Database security, VIII, pages 37--56. IFIP, North-Holland, 1994.

Nov

Novell, Inc. IntranetWare NFS ServicesIntranetWare and NetWare 4 Edition: Executive Summary. World Wide Web document. http://www.novell.com/catalog/qr/sne34210.html.

NT94

B. Clifford Neuman and Theodore Ts'o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications Magazine, 32(9):33--38, September 1994. http://nii.isi.edu/publications/kerberos-neuman-tso.html.

Opp96

Rolf Oppliger. Authentication Systems for Secure Networks. Artech House, 1996. ISBN 0-89006-510-1.

Pfi96

Birgit Pfitzmann. Digital Signature Schemes -- General Framework and Fail-Stop Signatures. Lecture Notes in Computer Science 1100. Springer-Verlag, 1996. ISBN 3-540-61517-2.

Pfl97

Charles P. Pfleeger. Security in Computing. Prentice Hall, second edition, 1997. ISBN 0-13-185794-0.

PJS94

Brian Pawlowski, Chet Juszczak, Peter Staubach, Carl Smith, Diane Lebel, and David Hitz. NFS Version 3 Design and Implementation. In Proceedings Summer 1994 USENIX Conference, pages 137--151, Boston, MA, USA, 1994.

PP95

Tom Parker and Denis Pinkas. SESAME V4 -- OVERVIEW. World Wide Web document, Dec 1995. URL: http://www.esat.kuleuven.ac.be/cosic/sesame/doc-ps.html.

PS95

Tom Parker and Chris Sundt. Role Based Access Control in Real Systems. In First ACM Workshop on Role-Based Access Control, Gaithersburg, Maryland, Nov 1995.

Rap97

Karin Rappe. Roles and Role Management in Role-Based Access Control -- Model, design and implementation. Master's thesis, Linköping University, Dept. of Computer and Information Science, Linköping University, S-581 83 Linköping, Sweden, Jan 1997. LiTH-IDA-Ex-9652.

RC93

P. Rogaway and D. Coppersmith. A Software-Optimized Encryption Algorithm. In First Workshop on Fast Software Encryption, pages 56--63, Cambridge, UK, 1993. Springer-Verlag.

Riv91

Ronald L. Rivest. The MD4 Message Digest Algorithm. In Advances in Cryptology --- CRYPTO '90, pages 303--311. Springer-Verlag, 1991. Also Internet RFC 1320, April 1992.

Riv92

R. Rivest. The MD5 Message-Digest Algorithm. RFC 1320, April 1992.

Riv95

Ronald L. Rivest. The RC5 encryption algorithm. CryptoBytes, 1(1):9--11, 1995.

RL96

Ronald L. Rivest and Butler Lampson. SDSI - A Simple Distributed Security Infrastructure. URL, 1996. http://theory.lcs.mit.edu/

rivest/sdsi10.html.

RSA78

R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120--126, February 1978.

Sal90

Arto Salomaa. Public-Key Cryptography, volume 23 of EATCS Monographs on Theoretical Computer Science. Springer-Verlag, 1990. ISBN 3-540-52831-8.

Sal96

Arto Salomaa. Public-Key Cryptography, volume 23 of EATCS Monographs on Theoretical Computer Science. Springer-Verlag, 1996. Second enl. edition. ISBN 3-540-61356-0.

SBS95

Mark Shand, Donald Becker, Rick Sladkey, Orest Zborowski, Fred van Kempen, and Olaf Kirch. The LINUX User-Space NFS Server(1), Version 2.2. URL ftp://ftp.mathematik.th-darmstadt.de
[2]/pub/linux/okir/, December 1995.

SCFY94

Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. Role-Based Access Control: A Multi-Dimensional View. In Proceedings of the 10th Annual Computer Security Applications Conference, Orlando, Florida, Dec 5--9 1994. URL http://www.list.gmu.edu/confrnc/acsac/ps_ver/a94rabca.ps.

SCFY96

Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. Role-based access control models. Computer, 29(2):38--47, Feb 1996.

Sch95

Bruce Schneier. Applied Cryptography. Wiley & Sons, 1995. ISBN 0-471-11709-9.

SF94

Ravi S. Sandhu and Hal Feinstein. A Three Tier Architecure for Role-Based Access Control. In Proceedings of the 17th NIST-NCSC National Computer Security Conference, pages 138--149, Baltimore, MD, October 11-14 1994. URL http://www.list.gmu.edu/confrnc/ncsc/ps_ver/b94rbac.ps.

Slo94

Morris Sloman. Policy driven management for distributed systems. Journal of Network and Systems Management, 2(4), 1994. URL ftp://dse.doc.ic.ac.uk/dse-papers/management/pdman.ps.Z.

Sta94

William Stallings. SHA: The Secure Hash Algorithm. Dr. Dobb's Journal, pages 32,34, April 1994.

Sun87

Sun Microsystems, Inc. XDR: External Data Representation Standard. RFC 1014, June 1987.

Sun88

Sun Microsystems, Inc. RPC: Remote Procedure Call Protocol Specification Version 2. RFC 1057, June 1988.

Sun89

Sun Microsystems, Inc. NFS: Network File System Protocol Specification. RFC 1094, March 1989.

Tat97

Tatu Ylönen. Ssh (Secure Shell) Home page. URL, 1997. http://www.cs.hut.fi/ssh/.

The95

The Object Management Group. CORBAservices: Common Object Services Specification, chapter Security Service Specification, pages 15--1 -- 15--286. OMG, revised edition edition, March 1995. Updated 1996, 1997. URL: http://www.omg.org/.

URLa

SPKI Certificate Documentation. URL. http://www.clark.net/pub/cme/html/spki.html.

URLb

X.500 directory services --- documentation. URL. http://www.bath.ac.uk/

ccsap/Directory/documentation.html.

WR92

C. Weider and J. Reynolds. Executive Introduction to Directory Services Using the X.500 Protocol. RFC 1308, March 1992.

WRH92

C. Weider, J. Reynolds, and S. Heker. Technical Overview of Directory Services Using the X.500 Protocol. RFC 1309, March 1992.

Yag96

T. Yager. Linux matters. BYTE, 21(2):123--4,126--8, Feb 1996.

matgu@ida.liu.se