Access Control Hierarchies

Read Carefully


  1. Ravi Sandhu, “Role Hierarchies and Constraints for Lattice-Based Access Controls.” Proc. Fourth European Symposium on Research in Computer Security, Rome, Italy, September 25-27, 1996, pages 65-79. Published as Lecture Notes in Computer Science, Computer Security-ESORICS96 (Elisa Bertino et al, editors), Springer-Verlag, 1996.  pdf


  1. Ravi Sandhu, “Role Activation Hierarchies.” Proc. Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, October 22-23, 1998, pages 33-40.  pdf


  1. Sylvia Osborn, Ravi Sandhu and Qamar Munawer. “Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies.” ACM Transactions on Information and System Security, Volume 3, Number 2, May 2000, pages 85-106.  pdf
    Limit to MAC portion.  This paper includes material from 1 and 2.


  1. Jason Crampton.  “On permissions, inheritance and role hierarchies.”   Proceedings of the 10th ACM conference on Computer and communications security, Washington D.C 2003, pages: 85-92.  Available in ACM digital library through GMU.