Shih-Chien Chou  , Yih-Cheng Lee  , 
    An Extended RBAC Model to Prevent Information Leakage Within Object-Oriented Systems,
    Asian Journal of Information Technology,
    Volume 4,Issue 4,
    2005,
    Pages 438-451,
    ISSN 1682-3915,
    ajit.2005.438.451,
    (https://makhillpublications.co/view-article.php?doi=ajit.2005.438.451)
    Abstract: This study proposes a role-based access control (RBAC) model to prevent information leakage within object-oriented systems. It is named ERBAC (extended role-based access control) because it is an extension of RBAC96. If offers the following useful features: (a) adapting to dynamic object state change, (b) adapting to dynamic role change, (c) avoiding Trojan horses, (d) detailing access control granularity to variables, (e) allowing declassification, (f) allowing purpose-oriented method invocation, and (g) controlling write access precisely. We evaluated ERBAC through experiments. The evaluation result is also shown in this study.
    Keywords: