TY  - JOUR
T1  - An Extended RBAC Model to Prevent Information Leakage Within Object-Oriented Systems
AU - , Shih-Chien Chou AU - , Yih-Cheng Lee 
JO  - Asian Journal of Information Technology
VL  - 4
IS  - 4
SP  - 438
EP  - 451
PY  - 2005
DA  - 2001/08/19
SN  - 1682-3915
DO  - ajit.2005.438.451
UR  - https://makhillpublications.co/view-article.php?doi=ajit.2005.438.451
KW  - 
AB  - This study proposes a role-based access control (RBAC) model to prevent information leakage within object-oriented systems. It is named ERBAC (extended role-based access control) because it is an extension of RBAC96. If offers the following useful features: (a) adapting to dynamic object state change, (b) adapting to dynamic role change, (c) avoiding Trojan horses, (d) detailing access control granularity to variables, (e) allowing declassification, (f) allowing purpose-oriented method invocation, and (g) controlling write access precisely. We evaluated ERBAC through experiments. The evaluation result is also shown in this study.
ER  -