Role-Based Access Control (2nd ed.)

This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition provides more comprehensive and updated coverage of access control models, new RBAC standards, new in-depth case studies and discussions on role engineering and the design of role-based systems. The book shows how RBAC simplifies security administration by using roles, hierarchies, and constraints to manage the review and control of organizational privileges. Moreover, it explains how RBAC makes it possible to specify many types of enterprise security policies.