Translating role-based access control policy within context
Identifieur interne :
000054 ( PascalFrancis/Curation );
précédent :
000053;
suivant :
000055
Translating role-based access control policy within context
Auteurs : Jean Bacon [
Royaume-Uni] ;
Michael Lloyd [
Royaume-Uni] ;
Ken Moody [
Royaume-Uni]
Source :
-
Lecture notes in computer science [ 0302-9743 ] ; 2001.
RBID : Pascal:01-0149374
Descripteurs français
English descriptors
Abstract
The motivation for this work derives from a study undertaken with a view to providing ubiquitous access to Electronic Health Records (EHRs) held within the National Health Service in England. Any implementation must guarantee confidentiality. In October 1999 the Cambridge Computer Laboratory's Opera group joined a consortium within the Eastern Regional Health Authority to propose an experimental architecture which included role-based access control (RBAC). Specifying a policy for role-based access has two aspects: first, the conditions for entering each role must be established; secondly, the access privileges associated with each role must be defined. Access control policy must implement public policy and its expression must be transparent to computer non-specialists. We have therefore designed and implemented a pseudo-natural language framework sufficient for both of these purposes. Policy statements are translated into first-order logic, with side conditions which are evaluated by consulting a context-dependent database, and subsequently into access control procedures.
pA |
A01 | 01 | 1 | | @0 0302-9743 |
---|
A05 | | | | @2 1995 |
---|
A08 | 01 | 1 | ENG | @1 Translating role-based access control policy within context |
---|
A09 | 01 | 1 | ENG | @1 POLICY 2001 : policies for distributed systems and networks : Bristol, 29-31 January 2001 |
---|
A11 | 01 | 1 | | @1 BACON (Jean) |
---|
A11 | 02 | 1 | | @1 LLOYD (Michael) |
---|
A11 | 03 | 1 | | @1 MOODY (Ken) |
---|
A12 | 01 | 1 | | @1 SLOMAN (Morris) @9 ed. |
---|
A12 | 02 | 1 | | @1 LOBO (Jorge) @9 ed. |
---|
A12 | 03 | 1 | | @1 LUPU (Emil C.) @9 ed. |
---|
A14 | 01 | | | @1 University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street @2 Cambridge CB2 3QG @3 GBR @Z 1 aut. @Z 2 aut. @Z 3 aut. |
---|
A20 | | | | @1 107-119 |
---|
A21 | | | | @1 2001 |
---|
A23 | 01 | | | @0 ENG |
---|
A26 | 01 | | | @0 3-540-41610-2 |
---|
A43 | 01 | | | @1 INIST @2 16343 @5 354000092031680070 |
---|
A44 | | | | @0 0000 @1 © 2001 INIST-CNRS. All rights reserved. |
---|
A45 | | | | @0 16 ref. |
---|
A47 | 01 | 1 | | @0 01-0149374 |
---|
A60 | | | | @1 P @2 C |
---|
A61 | | | | @0 A |
---|
A64 | 01 | 1 | | @0 Lecture notes in computer science |
---|
A66 | 01 | | | @0 DEU |
---|
C01 | 01 | | ENG | @0 The motivation for this work derives from a study undertaken with a view to providing ubiquitous access to Electronic Health Records (EHRs) held within the National Health Service in England. Any implementation must guarantee confidentiality. In October 1999 the Cambridge Computer Laboratory's Opera group joined a consortium within the Eastern Regional Health Authority to propose an experimental architecture which included role-based access control (RBAC). Specifying a policy for role-based access has two aspects: first, the conditions for entering each role must be established; secondly, the access privileges associated with each role must be defined. Access control policy must implement public policy and its expression must be transparent to computer non-specialists. We have therefore designed and implemented a pseudo-natural language framework sufficient for both of these purposes. Policy statements are translated into first-order logic, with side conditions which are evaluated by consulting a context-dependent database, and subsequently into access control procedures. |
---|
C02 | 01 | X | | @0 001D02B04 |
---|
C03 | 01 | 1 | FRE | @0 Politique publique @5 01 |
---|
C03 | 01 | 1 | ENG | @0 Public policy @5 01 |
---|
C03 | 02 | X | FRE | @0 Logique ordre 1 @5 02 |
---|
C03 | 02 | X | ENG | @0 First order logic @5 02 |
---|
C03 | 02 | X | SPA | @0 Lógica orden 1 @5 02 |
---|
C03 | 03 | X | FRE | @0 Base donnée @5 03 |
---|
C03 | 03 | X | ENG | @0 Database @5 03 |
---|
C03 | 03 | X | SPA | @0 Base dato @5 03 |
---|
C03 | 04 | X | FRE | @0 Service santé @5 04 |
---|
C03 | 04 | X | ENG | @0 Health service @5 04 |
---|
C03 | 04 | X | SPA | @0 Servicio sanidad @5 04 |
---|
C03 | 05 | X | FRE | @0 Système réparti @5 05 |
---|
C03 | 05 | X | ENG | @0 Distributed system @5 05 |
---|
C03 | 05 | X | SPA | @0 Sistema repartido @5 05 |
---|
C03 | 06 | X | FRE | @0 Application médicale @5 06 |
---|
C03 | 06 | X | ENG | @0 Medical application @5 06 |
---|
C03 | 06 | X | SPA | @0 Aplicación medical @5 06 |
---|
C03 | 07 | X | FRE | @0 Contrôle accés basé rôle @4 INC @5 82 |
---|
C03 | 08 | X | FRE | @0 Contrôle accès @4 CD @5 96 |
---|
C03 | 08 | X | ENG | @0 Access control @4 CD @5 96 |
---|
N21 | | | | @1 099 |
---|
|
pR |
A30 | 01 | 1 | ENG | @1 Policies for distributed systems and networks. International workshop @3 Bristol GBR @4 2001-01-29 |
---|
|
Links toward previous steps (curation, corpus...)
- to stream PascalFrancis, to step Corpus: Pour aller vers cette notice dans l'étape Curation :000664
Links to Exploration step
Pascal:01-0149374
Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en" level="a">Translating role-based access control policy within context</title>
<author><name sortKey="Bacon, Jean" sort="Bacon, Jean" uniqKey="Bacon J" first="Jean" last="Bacon">Jean Bacon</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Royaume-Uni</country>
</affiliation>
</author>
<author><name sortKey="Lloyd, Michael" sort="Lloyd, Michael" uniqKey="Lloyd M" first="Michael" last="Lloyd">Michael Lloyd</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Royaume-Uni</country>
</affiliation>
</author>
<author><name sortKey="Moody, Ken" sort="Moody, Ken" uniqKey="Moody K" first="Ken" last="Moody">Ken Moody</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Royaume-Uni</country>
</affiliation>
</author>
</titleStmt>
<publicationStmt><idno type="wicri:source">INIST</idno>
<idno type="inist">01-0149374</idno>
<date when="2001">2001</date>
<idno type="stanalyst">PASCAL 01-0149374 INIST</idno>
<idno type="RBID">Pascal:01-0149374</idno>
<idno type="wicri:Area/PascalFrancis/Corpus">000664</idno>
<idno type="wicri:Area/PascalFrancis/Curation">000054</idno>
</publicationStmt>
<sourceDesc><biblStruct><analytic><title xml:lang="en" level="a">Translating role-based access control policy within context</title>
<author><name sortKey="Bacon, Jean" sort="Bacon, Jean" uniqKey="Bacon J" first="Jean" last="Bacon">Jean Bacon</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Royaume-Uni</country>
</affiliation>
</author>
<author><name sortKey="Lloyd, Michael" sort="Lloyd, Michael" uniqKey="Lloyd M" first="Michael" last="Lloyd">Michael Lloyd</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Royaume-Uni</country>
</affiliation>
</author>
<author><name sortKey="Moody, Ken" sort="Moody, Ken" uniqKey="Moody K" first="Ken" last="Moody">Ken Moody</name>
<affiliation wicri:level="1"><inist:fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</inist:fA14>
<country>Royaume-Uni</country>
</affiliation>
</author>
</analytic>
<series><title level="j" type="main">Lecture notes in computer science</title>
<idno type="ISSN">0302-9743</idno>
<imprint><date when="2001">2001</date>
</imprint>
</series>
</biblStruct>
</sourceDesc>
<seriesStmt><title level="j" type="main">Lecture notes in computer science</title>
<idno type="ISSN">0302-9743</idno>
</seriesStmt>
</fileDesc>
<profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Access control</term>
<term>Database</term>
<term>Distributed system</term>
<term>First order logic</term>
<term>Health service</term>
<term>Medical application</term>
<term>Public policy</term>
</keywords>
<keywords scheme="Pascal" xml:lang="fr"><term>Politique publique</term>
<term>Logique ordre 1</term>
<term>Base donnée</term>
<term>Service santé</term>
<term>Système réparti</term>
<term>Application médicale</term>
<term>Contrôle accés basé rôle</term>
<term>Contrôle accès</term>
</keywords>
<keywords scheme="Wicri" type="topic" xml:lang="fr"><term>Base de données</term>
</keywords>
</textClass>
</profileDesc>
</teiHeader>
<front><div type="abstract" xml:lang="en">The motivation for this work derives from a study undertaken with a view to providing ubiquitous access to Electronic Health Records (EHRs) held within the National Health Service in England. Any implementation must guarantee confidentiality. In October 1999 the Cambridge Computer Laboratory's Opera group joined a consortium within the Eastern Regional Health Authority to propose an experimental architecture which included role-based access control (RBAC). Specifying a policy for role-based access has two aspects: first, the conditions for entering each role must be established; secondly, the access privileges associated with each role must be defined. Access control policy must implement public policy and its expression must be transparent to computer non-specialists. We have therefore designed and implemented a pseudo-natural language framework sufficient for both of these purposes. Policy statements are translated into first-order logic, with side conditions which are evaluated by consulting a context-dependent database, and subsequently into access control procedures.</div>
</front>
</TEI>
<inist><standard h6="B"><pA><fA01 i1="01" i2="1"><s0>0302-9743</s0>
</fA01>
<fA05><s2>1995</s2>
</fA05>
<fA08 i1="01" i2="1" l="ENG"><s1>Translating role-based access control policy within context</s1>
</fA08>
<fA09 i1="01" i2="1" l="ENG"><s1>POLICY 2001 : policies for distributed systems and networks : Bristol, 29-31 January 2001</s1>
</fA09>
<fA11 i1="01" i2="1"><s1>BACON (Jean)</s1>
</fA11>
<fA11 i1="02" i2="1"><s1>LLOYD (Michael)</s1>
</fA11>
<fA11 i1="03" i2="1"><s1>MOODY (Ken)</s1>
</fA11>
<fA12 i1="01" i2="1"><s1>SLOMAN (Morris)</s1>
<s9>ed.</s9>
</fA12>
<fA12 i1="02" i2="1"><s1>LOBO (Jorge)</s1>
<s9>ed.</s9>
</fA12>
<fA12 i1="03" i2="1"><s1>LUPU (Emil C.)</s1>
<s9>ed.</s9>
</fA12>
<fA14 i1="01"><s1>University of Cambridge Computer Laboratory, New Museum Site, Pembroke Street</s1>
<s2>Cambridge CB2 3QG</s2>
<s3>GBR</s3>
<sZ>1 aut.</sZ>
<sZ>2 aut.</sZ>
<sZ>3 aut.</sZ>
</fA14>
<fA20><s1>107-119</s1>
</fA20>
<fA21><s1>2001</s1>
</fA21>
<fA23 i1="01"><s0>ENG</s0>
</fA23>
<fA26 i1="01"><s0>3-540-41610-2</s0>
</fA26>
<fA43 i1="01"><s1>INIST</s1>
<s2>16343</s2>
<s5>354000092031680070</s5>
</fA43>
<fA44><s0>0000</s0>
<s1>© 2001 INIST-CNRS. All rights reserved.</s1>
</fA44>
<fA45><s0>16 ref.</s0>
</fA45>
<fA47 i1="01" i2="1"><s0>01-0149374</s0>
</fA47>
<fA60><s1>P</s1>
<s2>C</s2>
</fA60>
<fA64 i1="01" i2="1"><s0>Lecture notes in computer science</s0>
</fA64>
<fA66 i1="01"><s0>DEU</s0>
</fA66>
<fC01 i1="01" l="ENG"><s0>The motivation for this work derives from a study undertaken with a view to providing ubiquitous access to Electronic Health Records (EHRs) held within the National Health Service in England. Any implementation must guarantee confidentiality. In October 1999 the Cambridge Computer Laboratory's Opera group joined a consortium within the Eastern Regional Health Authority to propose an experimental architecture which included role-based access control (RBAC). Specifying a policy for role-based access has two aspects: first, the conditions for entering each role must be established; secondly, the access privileges associated with each role must be defined. Access control policy must implement public policy and its expression must be transparent to computer non-specialists. We have therefore designed and implemented a pseudo-natural language framework sufficient for both of these purposes. Policy statements are translated into first-order logic, with side conditions which are evaluated by consulting a context-dependent database, and subsequently into access control procedures.</s0>
</fC01>
<fC02 i1="01" i2="X"><s0>001D02B04</s0>
</fC02>
<fC03 i1="01" i2="1" l="FRE"><s0>Politique publique</s0>
<s5>01</s5>
</fC03>
<fC03 i1="01" i2="1" l="ENG"><s0>Public policy</s0>
<s5>01</s5>
</fC03>
<fC03 i1="02" i2="X" l="FRE"><s0>Logique ordre 1</s0>
<s5>02</s5>
</fC03>
<fC03 i1="02" i2="X" l="ENG"><s0>First order logic</s0>
<s5>02</s5>
</fC03>
<fC03 i1="02" i2="X" l="SPA"><s0>Lógica orden 1</s0>
<s5>02</s5>
</fC03>
<fC03 i1="03" i2="X" l="FRE"><s0>Base donnée</s0>
<s5>03</s5>
</fC03>
<fC03 i1="03" i2="X" l="ENG"><s0>Database</s0>
<s5>03</s5>
</fC03>
<fC03 i1="03" i2="X" l="SPA"><s0>Base dato</s0>
<s5>03</s5>
</fC03>
<fC03 i1="04" i2="X" l="FRE"><s0>Service santé</s0>
<s5>04</s5>
</fC03>
<fC03 i1="04" i2="X" l="ENG"><s0>Health service</s0>
<s5>04</s5>
</fC03>
<fC03 i1="04" i2="X" l="SPA"><s0>Servicio sanidad</s0>
<s5>04</s5>
</fC03>
<fC03 i1="05" i2="X" l="FRE"><s0>Système réparti</s0>
<s5>05</s5>
</fC03>
<fC03 i1="05" i2="X" l="ENG"><s0>Distributed system</s0>
<s5>05</s5>
</fC03>
<fC03 i1="05" i2="X" l="SPA"><s0>Sistema repartido</s0>
<s5>05</s5>
</fC03>
<fC03 i1="06" i2="X" l="FRE"><s0>Application médicale</s0>
<s5>06</s5>
</fC03>
<fC03 i1="06" i2="X" l="ENG"><s0>Medical application</s0>
<s5>06</s5>
</fC03>
<fC03 i1="06" i2="X" l="SPA"><s0>Aplicación medical</s0>
<s5>06</s5>
</fC03>
<fC03 i1="07" i2="X" l="FRE"><s0>Contrôle accés basé rôle</s0>
<s4>INC</s4>
<s5>82</s5>
</fC03>
<fC03 i1="08" i2="X" l="FRE"><s0>Contrôle accès</s0>
<s4>CD</s4>
<s5>96</s5>
</fC03>
<fC03 i1="08" i2="X" l="ENG"><s0>Access control</s0>
<s4>CD</s4>
<s5>96</s5>
</fC03>
<fN21><s1>099</s1>
</fN21>
</pA>
<pR><fA30 i1="01" i2="1" l="ENG"><s1>Policies for distributed systems and networks. International workshop</s1>
<s3>Bristol GBR</s3>
<s4>2001-01-29</s4>
</fA30>
</pR>
</standard>
</inist>
</record>
Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Musique/explor/OperaV1/Data/PascalFrancis/Curation
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000054 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/PascalFrancis/Curation/biblio.hfd -nk 000054 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Musique
|area= OperaV1
|flux= PascalFrancis
|étape= Curation
|type= RBID
|clé= Pascal:01-0149374
|texte= Translating role-based access control policy within context
}}
| This area was generated with Dilib version V0.6.21. Data generation: Thu Apr 14 14:59:05 2016. Site generation: Thu Jan 4 23:09:23 2024 | |