Composed SoD - Uma Proposta para Auxiliar Modelos de Controle de Acesso
Abstract
One of the main sources of attack to the internal system of companies, their own employees. The current models of access control do not cover organized groups of badly intentioned employees. This article considers a way to identify groups of users and to verify its executed tasks. And thus, to prevent further damages the company.References
Ferraiolo, D. and Kuhn, R. (1992). Role-based access control. In 15th NIST-NCSC National Computer Security Conference, pages 554–563, Gaithersburg, Maryland, United States. National Institute of Standards and Technology.
Joshi, J., Bertino, E., Latif, U., and Ghafoor, A. (2005). A generalized temporal rolebased access control model. In Knowledge and Data Engineering, IEEE Transactions on, page 19, Los Alamitos, CA. IEEE Computer Society Press.
Sandhu, R., Bhamidipati, V., Coyne, E., Ganta, S., and Youman, C. (1997). The ARBAC97 model for role-based administration of roles: Preliminary description and outline. In RBAC ’97: Proceedings of the second ACM workshop on Role-based access control, pages 41–50, New York, NY, USA. ACM Workshop on Role Based Access Control, ACM Press.
Sandhu, R., Ferraiolo, D., and Kuhn, R. (2000). The nist model for role-based access control: towards a unified standard. In RBAC ’00: Proceedings of the fifth ACM workshop on Role-based access control, pages 47–63, New York, NY, USA. ACM workshop on Role-based access control, ACM Press.
Sandhu, R. S. (1996). Rationale for the RBAC96 family of access control models. In RBAC ’95: Proceedings of the first ACM Workshop on Role-based access control, page 9, New York, NY, USA. ACM Workshop on Role-based access control, ACM Press.
Sandhu, R. S., Coyne, E. J., Feinstein, H. L., , and Youman, C. E. (1996). Role based access control models. Computer IEEE, 29(2):38–47.
Joshi, J., Bertino, E., Latif, U., and Ghafoor, A. (2005). A generalized temporal rolebased access control model. In Knowledge and Data Engineering, IEEE Transactions on, page 19, Los Alamitos, CA. IEEE Computer Society Press.
Sandhu, R., Bhamidipati, V., Coyne, E., Ganta, S., and Youman, C. (1997). The ARBAC97 model for role-based administration of roles: Preliminary description and outline. In RBAC ’97: Proceedings of the second ACM workshop on Role-based access control, pages 41–50, New York, NY, USA. ACM Workshop on Role Based Access Control, ACM Press.
Sandhu, R., Ferraiolo, D., and Kuhn, R. (2000). The nist model for role-based access control: towards a unified standard. In RBAC ’00: Proceedings of the fifth ACM workshop on Role-based access control, pages 47–63, New York, NY, USA. ACM workshop on Role-based access control, ACM Press.
Sandhu, R. S. (1996). Rationale for the RBAC96 family of access control models. In RBAC ’95: Proceedings of the first ACM Workshop on Role-based access control, page 9, New York, NY, USA. ACM Workshop on Role-based access control, ACM Press.
Sandhu, R. S., Coyne, E. J., Feinstein, H. L., , and Youman, C. E. (1996). Role based access control models. Computer IEEE, 29(2):38–47.
Published
2006-08-28
How to Cite
SAKAUE, Eduardo; ALMEIDA, Felipe A..
Composed SoD - Uma Proposta para Auxiliar Modelos de Controle de Acesso. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 6. , 2006, Santos.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2006
.
p. 290-293.
DOI: https://doi.org/10.5753/sbseg.2006.20958.
