Role-Based Access Control in Retrospect

V. Nunes Leal Franqueira, Roelf J. Wieringa

    Research output: Contribution to journalArticleAcademicpeer-review

    7 Citations (Scopus)
    1 Downloads (Pure)

    Abstract

    Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of RBAC in terms of RBAC features, assumptions, strengths and possible weaknesses, and review current developments to mitigate these weaknesses. This review helps practitioners to assess the applicability of RBAC to their organization and also indicates where more research is needed to improve RBAC.
    Original languageUndefined
    Pages (from-to)81-88
    Number of pages8
    JournalComputer (New York)
    Volume45
    Issue number6
    DOIs
    Publication statusPublished - Jun 2012

    Keywords

    • role management
    • security management
    • EWI-21398
    • SCS-Services
    • IR-79589
    • Identity and Access Management (IAM)
    • RBAC
    • role engineering
    • METIS-285070
    • Access Control

    Cite this