RBAC book
"A must read." Review from IEEE Computer Society, Security & Privacy
"Overall, this is a great book." Linux Journal
2002 Gold Medal for Scientific/Engineering Achievement - US Department
1998 Excellence in Technology Transfer Award - Federal Laboratory Consortium
1998 Best Paper - Nat Inf Systems Security Conf
ISBN 1-58053-370-1
David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli
338 pages
Role-based access control (RBAC) is a security mechanism that can greatly lower the cost and complexity of security administration for large networked applications. RBAC simplifies security administration by using roles, hierarchies, and constraints to organize privileges. This book explains these components of RBAC, as well as how to support and administer RBAC in a networked environment and how to integrate it with existing infrastructure.
Because role hierarchies and role engineering are crucial to RBAC, you learn how to effectively implement them to ensure total access control. Specialized topics covered in detail include separation of duties, combining RBAC with military security models, and recent efforts toward standardization. This book also guides you through the various RBAC products available on the market and along the migration path to deploying RBAC for enterprise-wide security.
Read a review of the book from IEEE Computer Society Security & Privacy T.C.'s Cipher
Contents: