Section I: Access Control Concepts & RBAC? Introduction.; Access Control Definitions and Enforcement Framework.; Section II: RBAC Framework: Models & Contraints? Core RBAC Features.; Role Hierarchies.; SoD and Constraints in RBAC Systems.; RBAC, MAC and DAC.; RBAC and Privacy.; Section III: RBAC Standardization? RBAC Standards.; Section IV: Enterprise Security Administration in RBAC? Role-Based Administration of RBAC.; Role Engineering.; Enterprise Access Control Frameworks Using RBAC and XML Technologies.; Section V: RBAC in IT Systems Applications? Integrating RBAC with Enterprise IT Infrastructures.; RBAC Implementation Case Studies.; RBAC Features in Commerical Products.; Appendices.; About the Authors.; Index.
David F. Ferraiolo is a supervisory computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST), Gaithersburg, MD. In addition to managing three access control and security management projects, he is leading research to improve operational assurance, security authentication, intrusion detection, and authorization. D. Richard Kuhn is a computer scientist in the Computer Security Division of NIST. His primary technical interests are information security and software testing and assurance. He developed, in conjunction with David Ferraiolo, the first formal model for role based access control, and is overseeing NIST's proposed standard for RBAC. Ramaswamy Chandramouli is a computer scientist in the Computer Security Division of NIST. He has more than 17 years experience in design and development of IT solutions in industry and government, and coauthored the first international security protection profile for RBAC. His current work focuses on automated security testing tools, and he is coauthor of NIST's proposed RBAC standard.