• 0
    • ارسال درخواست
    • حذف همه
    • Industrial Standards
    • Defence Standards
  • درباره ما
  • درخواست موردی
  • فهرست استانداردها
    • Industrial Standards
    • Defence Standards
  • راهنما
  • Login
  • لیست خرید شما 0
    • ارسال درخواست
    • حذف همه
View Item 
  •   YSE
  • Industrial Standards
  • ANSI - American National Standards Institute
  • View Item
  •   YSE
  • Industrial Standards
  • ANSI - American National Standards Institute
  • View Item
  • All Fields
  • Title(or Doc Num)
  • Organization
  • Year
  • Subject
Advanced Search
JavaScript is disabled for your browser. Some features of this site may not work without it.

Archive

ANSI INCITS 359

Information Technology – Role Based Access Control

Organization:
ANSI - American National Standards Institute
Year: 2012

Abstract: This standard consists of two main parts – the RBAC Reference Model and the RBAC System and Administrative Functional Specification.
The RBAC Reference Model defines sets of basic RBAC elements (i.e., users, roles, permissions, operations and objects) and relations as types and functions that are included in this standard. The RBAC reference model serves two purposes. First, the reference model defines the scope of RBAC features that are included in the standard. This identifies the minimum set of features included in all RBAC systems, aspects of role hierarchies, aspects of static constraint relations, and aspects of dynamic constraint relations. Second, the reference model provides a precise and consistent language, in terms of element sets and functions for use in defining the functional specification.
The RBAC System and Administrative Functional Specification specifies the features that are required of an RBAC system. These features fall into three categories, administrative operations, administrative reviews, and system level functionality. The administrative operations define functions in terms of an administrative interface and an associated set of semantics that provide the capability to create, delete and maintain RBAC elements and relations (e.g., to create and delete user role assignments). The administrative review features define functions in terms of an administrative interface and an associated set of semantics that provide the capability to perform query operations on RBAC elements and relations. System level functionality defines features for the creation of user sessions to include role activation/deactivation, the enforcement of constraints on role activation, and for calculation of an access decision. Annex A provides a functional specification overview. Informative Annex B provides a rationale for the major RBAC components defined in this document.
A companion to this standard describes the enhancement of RBAC constraints. The present standard recognizes only constraints that are local to an RBAC environment. These constraints deal only with separation of duty and cardinality. These constraints are evaluated within the local RBAC environment, as opposed to being provided from outside the local RBAC environment. The RBAC Policy-Enhanced (RPE) standard [RPE] also specifies constraints evaluated within the local environment. In addition, external constraints or the results of evaluating external constraints are imported into the environment. These constraints may change in real-time.
This standard and the RPE standard have the evaluation of constraints as part of the access control decision in common. Thus, they are compatible, with the base standard addressing more limited constraints and the RPE standard addressing a potentially wide variety of constraints.
URI: http://mapnamagz.yabesh.ir/std;query=authoF23793FD08/handle/yse/130070
Collections :
  • ANSI - American National Standards Institute
  • Download PDF : (591.4Kb)
  • Show Full MetaData Hide Full MetaData
  • Statistics

    ANSI INCITS 359

Show full item record

contributor authorANSI - American National Standards Institute
date accessioned2017-09-04T17:06:30Z
date available2017-09-04T17:06:30Z
date copyright2012.05.29
date issued2012
identifier otherYFIPXEAAAAAAAAAA.pdf
identifier urihttp://mapnamagz.yabesh.ir/std;query=authoF23793FD08/handle/yse/130070
description abstractThis standard consists of two main parts – the RBAC Reference Model and the RBAC System and Administrative Functional Specification.
The RBAC Reference Model defines sets of basic RBAC elements (i.e., users, roles, permissions, operations and objects) and relations as types and functions that are included in this standard. The RBAC reference model serves two purposes. First, the reference model defines the scope of RBAC features that are included in the standard. This identifies the minimum set of features included in all RBAC systems, aspects of role hierarchies, aspects of static constraint relations, and aspects of dynamic constraint relations. Second, the reference model provides a precise and consistent language, in terms of element sets and functions for use in defining the functional specification.
The RBAC System and Administrative Functional Specification specifies the features that are required of an RBAC system. These features fall into three categories, administrative operations, administrative reviews, and system level functionality. The administrative operations define functions in terms of an administrative interface and an associated set of semantics that provide the capability to create, delete and maintain RBAC elements and relations (e.g., to create and delete user role assignments). The administrative review features define functions in terms of an administrative interface and an associated set of semantics that provide the capability to perform query operations on RBAC elements and relations. System level functionality defines features for the creation of user sessions to include role activation/deactivation, the enforcement of constraints on role activation, and for calculation of an access decision. Annex A provides a functional specification overview. Informative Annex B provides a rationale for the major RBAC components defined in this document.
A companion to this standard describes the enhancement of RBAC constraints. The present standard recognizes only constraints that are local to an RBAC environment. These constraints deal only with separation of duty and cardinality. These constraints are evaluated within the local RBAC environment, as opposed to being provided from outside the local RBAC environment. The RBAC Policy-Enhanced (RPE) standard [RPE] also specifies constraints evaluated within the local environment. In addition, external constraints or the results of evaluating external constraints are imported into the environment. These constraints may change in real-time.
This standard and the RPE standard have the evaluation of constraints as part of the access control decision in common. Thus, they are compatible, with the base standard addressing more limited constraints and the RPE standard addressing a potentially wide variety of constraints.
languageEnglish
titleANSI INCITS 359num
titleInformation Technology – Role Based Access Controlen
typestandard
page61
statusActive
treeANSI - American National Standards Institute:;2012
contenttypefulltext
DSpace software copyright © 2017-2020  DuraSpace
نرم افزار کتابخانه دیجیتال "دی اسپیس" فارسی شده توسط یابش برای کتابخانه های ایرانی | تماس با یابش
yabeshDSpacePersian
 
DSpace software copyright © 2017-2020  DuraSpace
نرم افزار کتابخانه دیجیتال "دی اسپیس" فارسی شده توسط یابش برای کتابخانه های ایرانی | تماس با یابش
yabeshDSpacePersian