Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Implementing Role-Based Access Control Using Object Technology

Published

Author(s)

John Barkley

Abstract

With Role Based Access Control (RBAC), each role is associated with a set of operations which a user in that role may perform. The power of RBAC as an access control mechanism is the concept that an operation may theoretically be anything. This is contrasted to other access control mechanisms where bits or labels are associated with information blocks. These bits or labels indicate relatively simple operations, such as, read or write, which can be performed on an information block. Operations in RBAC may be arbitrarily complex, e.g., 'a night surgical nurse can only append surgical information to a patient record from a workstation in the operating theater while on duty in that operating theater from midnight to 8 AM.' A goal for implementing RBAC is to allow operations associated with roles to be as general as possible while not adversely impacting the administrative flexibility or the behavior of applications.
Proceedings Title
Proceedings of the First ACM Workshop on Role-Based Access Control (RBAC)
Volume
II
Conference Dates
November 30-December 1, 1995
Conference Location
Gaithersburg, MD
Conference Title
First ACM Workshop on Role-Based Access Control (RBAC)

Keywords

object oriented design, object technology, RBAC, Role-Based Access Control

Citation

Barkley, J. (1995), Implementing Role-Based Access Control Using Object Technology, Proceedings of the First ACM Workshop on Role-Based Access Control (RBAC), Gaithersburg, MD, [online], https://doi.org/10.1145/270152.270192 (Accessed June 23, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 1, 1995, Updated November 10, 2018