Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Role Based Access Control for the World Wide Web

Published

Author(s)

John Barkley, Anthony V. Cincotta, David F. Ferraiolo, Serban I. Gavrila, David R. Kuhn

Abstract

One of the most challenging problems in managing large networked systems is the complexity of security administration. This is particularly true for organizations that AWeb (WWW) servers. Today, security administration is costly and prone to error because administrators usually specify access control lists for each user on the system individually. Role based access control (RBAC) is a technology that is attracting increasing attention, particularly for commercial applications, because of its potential for reducing the complexity and cost of security administration in large networked applications. This paper describes software components that provide RBAC for networked servers using WWW protocols. The RBAC components can be linked with commercially available web servers, and require no modification of the server software.
Proceedings Title
Proceedings of the 20th National Information Systems Security Conference (NISSC '97)
Conference Dates
October 7-10, 1997
Conference Location
Baltimore, MD
Conference Title
20th National Information Systems Security Conference (NISSC '97)

Keywords

access control, RBAC, Role-Based Access Control, World Wide Web

Citation

Barkley, J. , Cincotta, A. , Ferraiolo, D. , Gavrila, S. and Kuhn, D. (1997), Role Based Access Control for the World Wide Web, Proceedings of the 20th National Information Systems Security Conference (NISSC '97), Baltimore, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=916553 (Accessed December 14, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 10, 1997, Updated February 19, 2017