[cap-talk] The origin of Role Based Access Control
Karp, Alan H
alan.karp at hp.com
Thu Jun 7 13:15:56 EDT 2007
According to NIST, it is D.F. Ferraiolo and D.R. Kuhn (1992) "Role Based
Access Control", 15th National Computer Security Conference, available
at http://csrc.nist.gov/rbac/Role_Based_Access_Control-1992.html.
Interestingly, RBAC wasn't introduced to make managing users easier. It
was addressing the problem of neither mandatory nor discretionary access
control being appropriate for non-military use.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list