While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organizations. The paper describes a type of non-discretionary access control - role-based access control (RBAC) that is more central to the secure processing needs of non-military systems than DAC.
CITATION STYLE
Osborn, S. L. (2007). Role-Based Access Control. In Security, Privacy, and Trust in Modern Data Management (pp. 55–70). Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-540-69861-6_5
Mendeley helps you to discover research relevant for your work.