@article{chad03, author = {David W. Chadwick and Alexander Otenko}, title = {The PERMIS X.509 role based privilege management infrastructure}, journal = {Future Gener. Comput. Syst.}, volume = 19, number = 2, year = 2003, issn = {0167-739X}, pages = {277--289}, publisher = {Elsevier Science Publishers B. V.}, } @inproceedings{chad02, author = {David W. Chadwick and Alexander Otenko}, title = {RBAC Policies in XML for X.509 Based Privilege Management}, booktitle = {Int. Conf. On Information Security}, year = 2002, isbn = {}, pages = {39--53}, location = {Cairo, Egypt}, doi = {}, publisher = {}, } @article{mary03, author = {Mary R. Thompson and Abdelilah Essiari and Srilekha Mudumbai}, title = {Certificate-based authorization policy in a PKI environment}, journal = {ACM Trans. Inf. Syst. Secur.}, volume = {6}, number = {4}, year = {2003}, issn = {1094-9224}, pages = {566--588}, doi = {http://doi.acm.org/10.1145/950191.950196}, publisher = {ACM Press}, } @article{blobe03, author = {B. Blobel, P. Hoepner, R. Joop, S. Karnouskos, G.Kleinhuis and G. Stassinopoulos}, title = {Using a privilege management infrastructure for secure web-based e-health applications}, journal = {Computer Communications}, volume = 26, number = {}, year = 2003, issn = 16, pages = {1863-1872}, doi = {}, publisher = {}, } @article{javier03, author = {Javier Lopez, Antonio Mana, Juan J. Ortega, Jose M. Troya and Manemma I. Yague}, title = {Integrating PMI services in CORBA applications}, journal = {Comput. Stand. Interfaces}, volume = 25, number = 4, year = 2003, issn = {0920-5489}, pages = {391--409}, doi = {http://dx.doi.org/10.1016/S0920-5489(03)00010-2}, publisher = {Elsevier Science Publishers B. V.}, } @article{ferra92, author = {D. Ferraiolo and D. R. Kuhn.}, title = {Role-based access control}, journal = {15th NIST-NCSC National Computer Security Conference}, volume = {}, number = {}, year = 1992, issn = {}, pages = {554-563}, doi = {}, publisher = {}, } @article{sterne92, author = {D. F. Sterne.}, title = {A tcb subset for integrity and role-based access control.}, journal = {15th NIST-NCSC National Computer Security Conference NIST/NSA}, volume = {}, number = {}, year = 1992, issn = {}, pages = {}, doi = {}, publisher = {}, } @article{sandhu96, author = {R. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman.}, title = {Role-based access control models}, journal = {IEEE Computer}, volume = 29, number = {}, year = 1996, issn = 2, pages = {38-47}, doi = {}, publisher = {}, } @article{vonsolms94, author = {S. H. {von Solms} and Isak {van der Merwe}}, title = {The management of computer security profiles using a role-oriented approach}, journal = {Comput. Secur.}, volume = 13, number = 9, year = 1994, issn = {0167-4048}, pages = {673--680}, publisher = {Elsevier Advanced Technology Publications}, } @article{ferra95, author = {D. Ferraiolo, J. Cugini, and D. R. Kuhn}, title = {Role-based access control: Features and motivations}, journal = {Computer Security Applications Conference}, volume = {}, number = {}, year = 1995, issn = {}, pages = {241.248}, publisher = {IEEE Computer Society Press}, } @misc{rbacstd04, author = {NIST}, title = {Role-based Access Control}, journal = {http://csrc.nist.gov/rbac/}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @misc{rfc3281, author = {S. Farrell, R. Housley}, title = {An Internet Attribute Certificate Profile for Authorization}, journal = {http://www.ietf.org/rfc/rfc3281.txt}, volume = {}, number = {}, year = 2002, issn = {}, pages = {}, publisher = {}, } @misc{openldap, author = {OpenLDAP}, title = {The Open Source Lightweight Directory Access Protocol (LDAP)}, journal = {http://www.openldap.org/}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @misc{xacml, author = {eXtensible Access Control Markup Language (XACML)}, title = {authorization policies specification in XML}, journal = {http://sunxacml.sourceforge.net/}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @misc{openssl, author = {OpenSSL}, title = {The Open Source toolkit for SSL/TLs.}, journal = {http://www.openssl.org/}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @misc{apache, author = {Jakarta}, title = {http://www.apache.org/}, journal = {Apache Software Foundation}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @misc{modssl, author = {ModSSL}, title = {http://www.modssl.org/}, journal = {Apache Interface to OpenSSL}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @inproceedings{charles02, author = {Charles E. {Phillips, Jr.} and T.C. Ting and Steven A. Demurjian}, title = {Information sharing and security in dynamic coalitions}, booktitle = {Proceedings of the seventh ACM symposium on Access control models and technologies}, year = {2002}, isbn = {1-58113-496-7}, pages = {87--96}, location = {Monterey, California, USA}, doi = {http://doi.acm.org/10.1145/507711.507726}, publisher = {ACM Press}, } @misc{apacheldap, author = {Muhammad A Muquit}, title = {http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap.html}, journal = {Apache Software Foundation}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, } @misc{permiscookbook, author = {PERMIS}, title = {http://www.permis.org/}, journal = {Permis Documentation}, volume = {}, number = {}, year = 2004, issn = {}, pages = {}, publisher = {}, }