Hide menu

Role-Based Access Control in Distributed Systems

This project has completed.

Principal investigator: Professor Nahid Shahmehri
Members: Mats Gustavsson (with Ericsson)
Funding agency:
Related projects:
Keywords: security, role-based access control


Role-based access control (RBAC) is an efficient way of organizing access control information, both from an administrative and system architectural point of view. To benefit from the advantages in a distributed system, several building blocks are necessary. We need a distributed infrastructure that can enforce access control and allows applications to communicate securely. Within this infrastructure, roles and access rights must be managed efficiently. To protect existing investments we must cater for legacy systems and demonstrate how existing applications can be integrated into the distributed infrastructure.


  • Shahmehri N., Gustafsson M., 'Security Issues in Distributed Information Systems'. The Second European RISI Conference, The ISES project conference track, November 27-28, 1998, Graz, Styria, Austria.
  • Gustafsson M., Deligny B., Shahmehri N., 'Using NFS to implement role-based access control', in Proceedings of the IEEE Sixth WET-ICE, International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises(WET-ICE'97), Enterprise Security, pp. 299-304, (Cambridge, MA, USA), 1997.
  • Gustafsson M., Shahmehri N., 'A Role-Description Framework and its Applications to Role-Based Access Control', Presented at the IEEE Fifth WET-ICE, International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, Enterprise Security., March, 1996. A revised version of this paper is presented at NORDSEC, Nordic Workshop on Secure Computer Systems, (Göteborg), November 7-8, 1996.

Page responsible: Nahid Shahmehri
Last updated: 2009-06-23