Access Control Management Using Extended RBAC Model

  • Aneta Poniszewska-Maranda
Part of the Studies in Computational Intelligence book series (SCI, volume 401)


The protection of data in information systems against improper disclosure or modification is an important requirement of each system. Nowadays the information systems of enterprises are more and more open, more information is easy accessible for the users, so it is important to better protect the confidential information. The paper presents a software tool for managing the security of enterprise information system on the access control level from the point of view of security administrator. The security administrator who is responsible for information system security will obtain a tool that facilitate the management of one of security aspects, namely the management of access control of users to data stored in a system. However, the application developers can also use such tool to define the access control rules for application elements created on the conception level.


Access Control Security Policy Access Control Policy Access Control Model Information System Security 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. ACM Press, Addison-Wesley (1994)Google Scholar
  2. 2.
    Sandhu, R., Munawer, Q.: How to do Discretionary Access Control Using Roles. In: Proceeding of 3rd ACM Workshop on Role-Based Access Control (1998)Google Scholar
  3. 3.
    Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., Chandramouli, R.: Proposed NIST Role-Based Access Control. ACM Transactions on Information and Systems Security TISSEC 4(3) (2001)Google Scholar
  4. 4.
    Goncalves, G., Poniszewska-Maranda, A.: Role engineering: from design to evaluation of security schemas. Journal of Systems and Software 81 (2008)Google Scholar
  5. 5.
    Poniszewska-Maranda, A., Goncalves, G., Hemery, F.: Representation of Extended RBAC Model Using UML Language. In: Vojtáš, P., Bieliková, M., Charron-Bost, B., Sýkora, O. (eds.) SOFSEM 2005. LNCS, vol. 3381, pp. 413–417. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Poniszewska-Marańda, A.: Conception Approach of Access Control in Heterogeneous Information Systems using UML. Journal of Telecommunication Systems 44 (2010)Google Scholar
  7. 7.
    Sandhu, R., Samarati, P.: Access control: Principles and practice. IEEE Communication 32(9), 40–48 (1994)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag GmbH Berlin Heidelberg 2012

Authors and Affiliations

  1. 1.Institute of Information TechnologyTechnical University of LodzLodzPoland

Personalised recommendations