Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Specifying and Managing Role-Based Access Control Within a Corporate Intranet

Published

Author(s)

David F. Ferraiolo, John Barkley

Abstract

In order for intranets to reach their full potential, access control and authorization management mechanisms must be in place that can regulate user access to information in a manner that is consistent with the current set of laws, regulations, and practices that face businesses today. The purpose of RBAC on the Web would be to provide this access control service, thereby enabling the use of the Web for new and more sophisticated applications -- to allow access to information and other resources that would otherwise not be possible given the existing lack of operational assurance. This paper describes an approach at providing these assurances through the use of RBAC for networked Web servers.
Proceedings Title
Proceedings of the Second ACM Workshop on Role-Based Access Control (RBAC '97)
Conference Dates
November 6-7, 1997
Conference Location
Fairfax, VA
Conference Title
Second ACM Workshop on Role-Based Access Control (RBAC '97)

Keywords

access control, intranets, RBAC, Role-Based Access Control, World Wide Web, Web servers

Citation

Ferraiolo, D. and Barkley, J. (1997), Specifying and Managing Role-Based Access Control Within a Corporate Intranet, Proceedings of the Second ACM Workshop on Role-Based Access Control (RBAC '97), Fairfax, VA, [online], https://doi.org/10.1145/266741.266761 (Accessed December 1, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created November 7, 1997, Updated November 10, 2018