NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
RBAC Book icon
RBAC book
"A must read."
Review from IEEE Computer Society, Security & Privacy
"Overall, this is a great book."
Linux Journal
Image of Gold Medal 2002 Gold Medal for Scientific/ Engineering Achievement - US Department
Multi Colored arrow pointing up 1998 Excellence in Technology Transfer Award - Federal Laboratory Consortium
Globe 1998 Best Paper - Nat Inf Systems Security Conf

Helpful RBAC Resources

Early Papers

D.F. Ferraiolo and D.R. Kuhn (1992) "Role Based Access Control" 15th National Computer Security Conference - original RBAC paper; introduces a formal model for role based access PDF D.F. Ferraiolo, J. Cugini, D.R. Kuhn (1995) "Role Based Access Control: Features and Motivations", Computer Security Applications Conference - extends the 1992 model PDF R. S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman (1996), "Role-Based Access Control Models", IEEE Computer 29(2): 38-47, IEEE Press, 1996.- introduces a framework for RBAC models PDF RBAC Theory and Practice Timeline - early theoretical results for RBAC models that evolved into RBAC standard