\begin{thebibliography}{10}

\bibitem{chad03}
{\sc Chadwick, D.~W., and Otenko, A.}
\newblock The permis x.509 role based privilege management infrastructure.
\newblock {\em Future Gener. Comput. Syst. 19}, 2 (2003), 277--289.

\bibitem{ferra95}
{\sc D.~Ferraiolo, J.~C., and Kuhn, D.~R.}
\newblock Role-based access control: Features and motivations.
\newblock {\em Computer Security Applications Conference\/} (1995), 241.248.

\bibitem{xacml-oasis}
{\sc eXtensible Access Control Markup Language~(XACML)}.
\newblock {\em authorization policies specification in XML}.
\newblock http://www.oasis-open.org/specs/index.php, 2004.

\bibitem{ferra92}
{\sc Ferraiolo, D., and Kuhn., D.~R.}
\newblock Role-based access control.
\newblock {\em 15th NIST-NCSC National Computer Security Conference\/} (1992),
  554--563.

\bibitem{javier03}
{\sc Javier~Lopez, Antonio~Mana, J. J. O. J. M.~T., and Yague, M.~I.}
\newblock Integrating pmi services in corba applications.
\newblock {\em Comput. Stand. Interfaces 25}, 4 (2003), 391--409.

\bibitem{markus03}
{\sc Lorch, M., Proctor, S., Lepro, R., Kafura, D., and Shah, S.}
\newblock First experiences using xacml for access control in distributed
  systems.
\newblock In {\em XMLSEC '03: Proceedings of the 2003 ACM workshop on XML
  security\/} (2003), ACM Press, pp.~25--37.

\bibitem{rbacstd04}
{\sc NIST}.
\newblock Role-based access control, 2004.

\bibitem{sandhu96}
{\sc R.~Sandhu, E. J.~Coyne, H. L.~F., and Youman., C.~E.}
\newblock Role-based access control models.
\newblock {\em IEEE Computer 29\/} (1996), 38--47.

\bibitem{sterne92}
{\sc Sterne., D.~F.}
\newblock A tcb subset for integrity and role-based access control.
\newblock {\em 15th NIST-NCSC National Computer Security Conference NIST/NSA\/}
  (1992).

\bibitem{mary03}
{\sc Thompson, M.~R., Essiari, A., and Mudumbai, S.}
\newblock Certificate-based authorization policy in a pki environment.
\newblock {\em ACM Trans. Inf. Syst. Secur. 6}, 4 (2003), 566--588.

\bibitem{vonsolms94}
{\sc {von Solms}, S.~H., and {van der Merwe}, I.}
\newblock The management of computer security profiles using a role-oriented
  approach.
\newblock {\em Comput. Secur. 13}, 9 (1994), 673--680.

\end{thebibliography}