Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

    Projects Role Based Access Control

Role Based Access Control

Project Links

Overview FAQs Publications Presentations

Publications

The following NIST-authored publications are directly related to this project.

Series & Number Title Status Released
Journal Article Role Engineering: Methods and Standards Final 12/08/2011
Journal Article Adding Attributes to Role-Based Access Control Final 06/01/2010
Journal Article RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role Based Access Control" Final 12/12/2007
Book Role-Based Access Control (2nd ed.) Final 01/31/2007
Book Role-Based Access Control (1st ed.) Final 01/01/2003
White Paper The Economic Impact of Role-Based Access Control Final 03/01/2002
Conference Proceedings The NIST Model for Role-Based Access Control: Towards a Unified Standard Final 07/26/2000
Conference Proceedings Supporting Relationships in Access Control Using Role Based Access Control Final 10/29/1999
Journal Article A Role-Based Access Control Model and Reference Implementation Within a Corporate Intranet Final 02/01/1999
Conference Proceedings Role-Based Access Control for the Web Final 10/29/1998
Conference Proceedings Role Based Access Control on MLS Systems Without Kernel Changes Final 10/23/1998
Conference Proceedings Role-Based Access Control Features in Commercial Database Management Systems Final 10/09/1998
Conference Proceedings Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management Final 10/01/1998
NISTIR 6192 A Revised Model for Role Based Access Control Final 07/09/1998
Conference Proceedings Comparing Simple Role Based Access Control Models and Access Control Lists Final 11/07/1997
Conference Proceedings Role Based Access Control for the World Wide Web Final 10/10/1997
NISTIR 5820 Distributed Communication Methods and Role-Based Access Control for Use in Health Care Applications Final 04/01/1996
Conference Proceedings Role-Based Access Control (RBAC): Features and Motivations Final 12/15/1995
Conference Proceedings Implementing Role-Based Access Control Using Object Technology Final 12/01/1995
ITL Bulletin An Introduction to Role-Based Access Control Withdrawn 12/01/1995
Conference Proceedings Role-Based Access Controls Final 10/13/1992

Additional Pages

RBAC LibraryRole Engineering and RBAC StandardsRBAC and Sarbanes-Oxley ComplianceRBAC Case Studies

Contacts

RBAC Inquiries
rbac-info@nist.gov

David Ferraiolo
david.ferraiolo@nist.gov
301-975-3046

Rick Kuhn
d.kuhn@nist.gov
(301) 975-3337

Ramaswamy "Mouli" Chandramouli
mouli@nist.gov
301-975-5013

Topics

Security and Privacy: access control

Related Projects

Attribute Based Access Control
Policy Machine
Created November 21, 2016, Updated March 29, 2018