== Solaris 10 RBAC sites ==

Ben Rockwood's blog entry [http://cuddletech.com/blog/pivot/entry.php?id=362 Using RBAC on (Open)Solaris], posted 30 Sep '05.

Sun's sites [http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs5r?a=view Databases that Support RBAC] and [http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs5s?a=view RBAC Commands].

A Sun [http://www.sun.com/blueprints/ BluePrint] [http://www.sun.com/blueprints/0603/817-3062.pdf Role-Based Access Control and Secure Shell] and a Sun White Paper [http://www.sun.com/software/whitepapers/wp-rbac/wp-rbac.pdf RBAC in the Solaris Operating Environment].

Three pages by Softpanorama (a 'slightly skeptical' Open Source Software Educational Society): [http://www.softpanorama.org/Solaris/Security/solaris_rbac.shtml Solaris 10 Role Based Access Control (RBAC)], [http://www.softpanorama.org/Access_control/role_engineering.shtml RBAC, SOX and Role Engineering in Large Organizations] and [http://www.softpanorama.org/Solaris/Security/solaris_privilege_sets.shtml#Privileges_and_RBAC Privileges and RBAC].

Glenn Brunette's Security weblog's [http://blogs.sun.com/gbrunett/20050420 Enforcing a Two Man Rule Using Solaris 10 RBAC], posted April 30, 2005.

Sawib Ali's e-mail [http://seclists.org/webappsec/2005/q3/0254.html FYI: RBAC for WebApps using LDAP].

== RBAC Resources ==

There is a book that covers most aspects of RBAC: [[http://www.amazon.com/gp/product/1580533701/102-0938547-5630513?v=glance&n=283155 Role-Based Access Control]], David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli, Artech House, Inc., Norwood, MA, USA, 2003.

The National Institute of Standards and Technology maintains a comprehensive RBAC web site [[http://csrc.nist.gov/rbac/ Role Based Access Control]] edited by David Ferraiolo, Rick Kuhn, Ramaswamy Chandramouli, and John Barkley. This site includes sections on RBAC Standards, RBAC Design and Implementation, Downloadable RBAC Software, and NIST RBAC Patents.
Role Based Access Control (RBAC) is an American Standard: [[ftp://orbit-lab.org/internal3/ANSI+INCITS+359-2004.pdf American National Standard for Information Technology - Role Based Access Control]], American National Standards Institute Inc, ANSI INCITS 359-2004, February 2004.

The RBAC standard uses the Z Formal Specification Notation, which is an International Standard: [[ftp://orbit-lab.org/internal3/c021573_ISO_IEC_13568_2002E.pdf Information Technology - Z Formal Specification Notation - Syntax, Type System and Semantics]], ISO/IEC International Standard 13568:2002(E), July 2002.

An important Z reference: [[ftp://orbit-lab.org/internal3/zrm.pdf The Z Notation: A Reference Manual, Second Edition]], J. M. Spivey, Oriel College, Oxford, UK, 1998.

The Z Formal Specification Notation uses a number of special symbols to specify the actions of RBAC methods. Each of these special symbols can be represented in [[http://www.unicode.org Unicode]], and although Trac uses Unicode internally, some of these symbols may not display with any of the fonts available in your browser. BTW, any Unicode code point can be entered in Trac in an HTML block like the blue one below on the right; that character may then be cut and pasted from the resulting page.

{{{
#!html

∀⟪⟦⊦⩥⧹⋃⟧⟫

}}}