[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Call for Papers: Fourth ACM Workshop on Role-based Access Control

Date: Oct. 28-29, 1999
Place: George Mason University
url: www.list.gmu.edu/rbac

Sponsored By: ACM Sigsac
Hosted By: George Mason University

The essence of Role-Based Access Control (RBAC) is that permissions
are assigned to roles rather than to individual users.  Users acquire
these permissions by virtue of being authorized to act in these roles.
The driving motivation for RBAC is to simplify security policy
administration while facilitating the definition of flexible,
customized policies.  Basic RBAC models have been successfully applied
since the mainframe era, but emerging systems, which have greater
numbers of users, roles, and systems, challenge the expressive power
of these traditional models.

Workshop Scope:

The ACM workshops on RBAC bring together researchers, developers, and
practitioners to discuss the application of RBAC to both traditional
and emerging systems and the development of new access control
paradigms for future applications.  The workshop invites participation from
the database, network, distributed systems, operating systems, security and
application communities.  Contributions reporting experiences with the
implementation and use of RBAC systems are strongly encouraged.
Attendance is limited to 40 participants to foster a workshop atmosphere.

Topics of interest include, but are not restricted to:

- Modeling and specification of RBAC systems
- Administration of RBAC systems
- RBAC in database security
- Specification and enforcement of security policy
- Delegation and inheritance of access rights in RBAC systems
- Task-based access control and RBAC in collaborative environments
- Application Areas e.g., health-care, WWW
- Support for RBAC in traditional access control systems
- RBAC and organizational control principles
- Experiences with RBAC-based systems; case studies
- Enabling technologies: Java, LDAP, intra-net environments
- Implementation, integration and scalability of RBAC
- End-user tools to support RBAC administration and engineering


Users, developers and researchers are invited to submit seven copies
of their papers (in English and limited to 6000 words) to the Program
Chair at the coordinates given below before the due date.  Submissions can
be either hard copy or electronic (postscript preferred). Papers must be
original and should not be under consideration for publication
elsewhere.  Copyrights for accepted papers must be transferable to ACM
(except for Government work).  Papers will be published by ACM in a
proceedings to be distributed at the workshop and mailed to all SIGSAC
members.  Outstanding papers will be considered for publication in ACM's
new Transactions on Information and Systems Security (TISSEC).

Proposals for panels and group discussions should be sent, preferably
by email, to the Panels Chair at dferraiolo@nist.gov.

Paper Submissions should be sent to:
Sylvia Osborn, Program Committee Chair,
Dept. of Computer Science,
The University of Western Ontario,
London, Ontario, Canada, N6A 5B7
email: sylvia@csd.uwo.ca

Papers and Panel Proposals Due: May 15, 1999
Notification of acceptance and advance program: June 30, 1999
Deadline for final version of papers: July 31, 1999
Workshop: October 28-29, 1999

Ed Coyne, Science Applications International Corporation
David Ferraiolo, National Institute of Standards and Technology
Trent Jaeger, IBM T.J. Watson Research Center
Sylvia Osborn, The University of Western Ontario
Ravi Sandhu, George Mason University
Charles Youman, Blue Cross Blue Shield

General Conference Chair: Charles Youman, Blue Cross Blue Shield
Local Arrangements: Srinivas Ganta, CygnaCom Solutions Inc.
Program Committee Chair: Sylvia Osborn, The University of Western Ontario
Panels Chair: David Ferraiolo, National Institute of Standards and
Proceedings Chair: Vijay Atluri, Rutgers University
Publicity Chair: Trent Jaeger, IBM T.J. Watson Research Center


Vijay Atluri, Rutgers University
Dave Ferraiolo, National Institute of Standards and Technology
Luigi Giuri,  Fondazione Ugo Bordoni
Trent Jaeger, IBM T.J. Watson Research Center
Carl Landwehr, U.S. Naval Research Laboratory
Emil Lupu, Imperial College
Ravi Sandhu, George Mason University
Richard Simon
Roshan Thomas, TIS Labs at Network Associates
Dan Thomsen, Secure Computing Corp.
Dan Wallach, Rice University

Information on registration and accommodations will be provided.
There will be a registration fee for all participants to cover meeting