• A Methodology for Managing Roles in Legacy Systems

      Osborn, Sylvia; Han, Yan; Liu, Jun (2003)
      Role-based access control (RBAC) is well accepted as a good technology for managing and designing access control in systems with many users and many objects. Much of the research on RBAC has been done in an environment isolated from real systems which need to be managed. In this paper, we propose a methodology for using an RBAC design tool we have developed, to manage and effect changes to an underlying relational database. We also discuss how to simulate the role graph model on a Unix system, and extend the methodology just described for relational databases to managing a Unix system when changes are made to the role graph.