== Solaris 10 RBAC sites == Ben Rockwood's blog entry [http://cuddletech.com/blog/pivot/entry.php?id=362 Using RBAC on (Open)Solaris] posted 30 Sep '05. Sun's sites [http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs5r?a=view Databases that Support RBAC] and [http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs5s?a=view RBAC Commands] A Sun [http://www.sun.com/blueprints/ BluePrint] [http://www.sun.com/blueprints/0603/817-3062.pdf Role-Based Access Control and Secure Shell] and a Sun White Paper [http://www.sun.com/software/whitepapers/wp-rbac/wp-rbac.pdf RBAC in the Solaris Operating Environment] Three pages by Softpanorama (a 'slightly skeptical' Open Source Software Educational Society): [http://www.softpanorama.org/Solaris/Security/solaris_rbac.shtml Solaris 10 Role Based Access Control (RBAC)], [http://www.softpanorama.org/Access_control/role_engineering.shtml RBAC, SOX and Role Engineering in Large Organizations] and [http://www.softpanorama.org/Solaris/Security/solaris_privilege_sets.shtml#Privileges_and_RBAC Privileges and RBAC] Glenn Brunette's Security weblog's [http://blogs.sun.com/gbrunett/20050420 Enforcing a Two Man Rule Using Solaris 10 RBAC] posted April 30, 2005. Sawib Ali's e-mail [http://seclists.org/webappsec/2005/q3/0254.html FYI: RBAC for WebApps using LDAP] ⋈ ∇ ''O''(10) ⌀ ¥ pasted from HTML trick vs. ¥ pasted from KCharSelect {{{ #!html

⟪⟫⥡⥡⧢◈▤¥⨟

}}} Role Based Access Control (RBAC) is now an American Standard: [[ftp://orbit-lab.org/internal3/ANSI+INCITS+359-2004.pdf Inc04]] American National Standards Institute Inc. American National Standard for Information Technology - Role Based Access Control. ANSI INCITS 359-2004, February 2004. This standard uses the Z Formal Specification Notation that is an International Standard: [[ftp://orbit-lab.org/internal3/c021573_ISO_IEC_13568_2002E.pdf ISO02]] ISO/IEC. Information Technology - Z Formal Specification Notation - Syntax, Type System and Semantics. Technical Report 13568:2002, ISO/IEC, July 2002. International Standard. Another Z reference: [[ftp://orbit-lab.org/internal3/zrm.pdf Spi98]] J. M. Spivey. ''The Z Notation: A Reference Manual, Second Edition''. Oriel College. J. M. Spivey, Oxford, UK, 1998. The Z Formal Specification Notation uses a number of special symbols that can be represented in [[http://www.unicode.org Unicode]], and Trac uses Unicode internally, but some of them may not display with any of the fonts available on your browser. Any Unicode code point can be entered in Trac in an HTML block like this one {{{#!html

ßЙቐ∀⌀◈▤¥⨟

}}} then cut and pasted from the resulting page. [[ftp://orbit-lab.org/internal3/861998.pdf FKC03]] David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli. ''Role-Based Access Control''. Artech House, Inc., Norwood, MA, USA, 2003. [[ftp://orbit-lab.org/internal3/NIST-rbac-site.pdf FKCB06]] David Ferraiolo, Rick Kuhn, Ramaswamy Chandramouli, and John Barkley. Role-Based Access Control. National Institue of Standards and Technology web site, August 2006. http://csrc.nist.gov/rbac/.