Most Cited Papers


Home
Publications
Most Cited Papers
Guide to Papers
Patents
Grants
PhD's Awarded
Invited Talks etc.
Teaching
Vitae etc.
Contact Me

    Total count: 48,500+ citations at Google Scholar. Get current listing from Google Scholar.

    Other links: DBLP ACM Arnetminer

    My h-index at Google Scholar is 88. See Wikipedia entry on h-index.

    The most cited paper in Access Control with 10,000+ citations at Google Scholar.

  1. Seminal RBAC paper: R. Sandhu et al, Role-Based Access Control Models, IEEE Computer, 29(2):38-47, Feb. 1996,
    Google Scholar Search

    2. Paper with 3,900+ citations at Google Scholar.

  2. RBAC Standard paper: D. Ferraiolo, R. Sandhu et al, Proposed NIST Standard for Role-Based Access Control, ACM Trans. on Information and System Security (TISSEC), 4(3): 224-274, Aug. 2001, Highlights
    Google Scholar Search
    Also see ANSI INCITS 359-2004 Standard for Role Based Access Control

    3. Paper with 2,000+ citations at Google Scholar.

  3. R. Sandhu and P. Samarati, Access Control: Principles and Practice, IEEE Communications, 32(9): 40-48, Sept. 1994,
    Google Scholar Search

    4. Paper with 1000+ citations at Google Scholar.

  4. R. Sandhu et al, The NIST Model for Role-Based Access Control: Towards A Unified Standard, Proc. 5th ACM Workshop on Role-Based Access Control, Berlin, July 26-28, 2000, pages 47-63,
    Google Scholar Search
  5. Jaehong Park and Ravi Sandhu. The UCON_ABC Usage Control Model, ACM Transactions on Information and System Security, Volume 7, Number 1, February 2004, pages 128-174.
    Google Scholar Search
  6. R. Sandhu,  Lattice-Based Access Control Models, IEEE Computer, 26(11): 9-19, Nov. 1993,
    Google Scholar Search

    7. Paper with 900+ citations at Google Scholar.

  7. R. Sandhu et al, The ARBAC97 Model for Role-Based Administration of Roles, ACM Transactions on Information and System Security (TISSEC), 2(1): 105-135, Feb. 1999,
    Google Scholar Search
  8. S. Osborn, R. Sandhu and Q. Munawer. Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies, ACM TISSEC, 3(2):85-106, May 2000.
    Google Scholar Search

    9. Papers with 500+ citations at Google Scholar.

  9. R. Thomas and R. Sandhu, Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management, Proc. 11th IFIP WG11.3 Working Conference on Database and Application Security, Lake Tahoe, California, August 1997, pages 262-275.
    Google Scholar Search
  10. G. Ahn and R. Sandhu. Role-Based Authorization Constraints Specification, ACM Transactions on Information & System Security (TISSEC), 3(4):207-226, Nov. 2000, Errata
    Google Scholar Search
  11. Jaehong Park and Ravi Sandhu, Towards Usage Control Models: Beyond Traditional Access Control, SACMAT 2002. Presentation
    Google Scholar Search
  12. Elisa Bertino and Ravi Sandhu, Database Security-Concepts, Approaches, and Challenges. IEEE Trans. Dependable Sec. Comput. 2(1): 2-19, 2005.
    Google Scholar Search
  13. Xin Jin, Ram Krishnan and Ravi Sandhu, A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC In Proceedings 26th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2012), Paris, France, July 11-13, 2012, pages 41-55. Presentation (pptx) (pdf)
    Google Scholar Search

    14. Papers with 400+ citations at Google Scholar.

  14. Ezedin Barka and Ravi Sandhu. Framework for Role-Based Delegation Models, Proc. 16th Annual Computer Security Applications Conference, New Orleans, Louisiana, Dec. 11-15, 2000, pages 168-176.
    Google Scholar Search
  15. R. Sandhu, The Typed Access Matrix Model, Proc. IEEE Symposium on Research in Security and Privacy, Oakland, California, May 1992, pages 122-136.
    Google Scholar Search
  16. R. Sandhu, Role-Based Access Control, Adv. in Computers, 46:237-286, Academic Press 1998,
    Google Scholar Search

    17. Papers with 300+ citations at Google Scholar.

  17. Joon Park, Ravi Sandhu and Gail-Joon Ahn. Role-Based Access Control on the Web, ACM Transactions on Information and Systems Security (TISSEC), Volume 4, Number 1, February 2001.
    Google Scholar Search
  18. Xinwen Zhang, Sejong Oh and Ravi Sandhu, PBDM: A Flexible Delegation Model in RBAC, SACMAT 2003.
    Google Scholar Search
  19. Sushil Jajodia and Ravi Sandhu, Toward a Multilevel Secure Relational Data Model, SIGMOD 1991.
    Google Scholar Search
  20. Ravi Sandhu, Role Hierarchies and Constraints for Lattice-Based Access Controls, ESORICS 1996.
    Google Scholar Search
  21. Ravi Sandhu, Cryptographic Implementation of a Tree Hierarchy for Access Control, Information Processing Letters, Volume 27, Number 2, February 1988.
    Google Scholar Search
  22. Ravi Sandhu and Jaehong Park, Usage Control: A Vision for Next Generation Access Control, MMM-ACNS 2003.
    Google Scholar Search

    23. Papers with 200+ citations at Google Scholar.

  23. Ezedin Barka and Ravi Sandhu, A Role-Based Delegation Model and Some Extensions, NISSC 2000.
    Google Scholar Search
  24. Ravi Sandhu, Transaction Control Expressions for Separation of Duties, ACSAC 1988.
    Google Scholar Search
  25. Xinwen Zhang, Francesco Parisi-Presicce, Ravi Sandhu, and Jaehong Park, Formal Model and Policy Specification of Usage Control, ACM Transactions on Information and System Security (TISSEC), 8(4): 351-387, 2005
    Google Scholar Search
  26. Tim Finin, Anupam Joshi, Lalana Kagal, Jianwei Niu, Ravi Sandhu, William Winsborough and Bhavani Thuraisingham, ROWLBAC: Representing Role Based Access Control in OWL, SACMAT 2008. Presentation
    Google Scholar Search
  27. R. Sandhu, Role Activation Hierarchies, Proc. Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, October 22-23, 1998, pages 33-40.
    Google Scholar Search
  28. Mohammad A. Al-Kahtani and Ravi Sandhu, A Model for Attribute-Based User-Role Assignment, ACSAC 2002.
    Google Scholar Search
  29. Sejong Oh, Ravi S. Sandhu, A Model for Role Administration Using Organization Structure, SACMAT 2002.
    Google Scholar Search
  30. Joon S. Park and Ravi Sandhu, Secure Cookies on the Web, IEEE Internet Computing, July 2000.
    Google Scholar Search
  31. Ravi Sandhu, The Schematic Protection Model: Its Definition and Analysis for Acyclic Attenuating Schemes , Journal of the ACM, Volume 35, Number 2, April 1988.
    Google Scholar Search

    32. Papers with 150+ citations at Google Scholar.

  32. Ravi Sandhu and Qamar Munawer, How to do Discretionary Access Control Using Roles, ACM RBAC 1998.
    Google Scholar Search
  33. John McDermott, Sushil Jajodia and Ravi Sandhu, A Single-Level Scheduler for the Replicated Architecture for Multilevel Secure Databases, ACSAC 1991.
    Google Scholar Search
  34. Ravi Sandhu, Rationale for the RBAC96 Family of Access Control Models, ACM RBAC 1995.
    Google Scholar Search
  35. Ravi Sandhu, Separation of Duties in Computerized Information Systems, IFIP11.3 1990.
    Google Scholar Search
  36. Ravi Sandhu and P. Samarati, Authentication, Access Control and Audit, ACM Computing Surveys, 50th anniversary commemorative issue, Volume 28, Number 1, March 1996.
    Google Scholar Search
  37. Ravi Sandhu and Xinwen Zhang, Peer-to-Peer Access Control Architecture Using Trusted Computing Technology, SACMAT 2005. Presentation
    Google Scholar Search
  38. Gail-Joon Ahn and Ravi Sandhu, The RSL99 Language for Role-Based Separation of Duty Constraints, ACM RBAC 1999.
    Google Scholar Search
  39. Ravi Sandhu and Qamar Munawer, The ARBAC99 Model for Administration of Roles, ACSAC 1999.
    Google Scholar Search
  40. Roshan Thomas and Ravi Sandhu, Conceptual Foundations for a Model of Task-based Authorizations, CSFW 1994.
    Google Scholar Search
  41. Ravi Sandhu, Venkata Bhamidipadi, Edward Coyne, Srinivas Ganta and Charles Youman, The ARBAC97 Model for Role-Based Administration of Roles: Preliminary Description and Outline, ACM RBAC 1997.
    Google Scholar Search
  42. Ravi Sandhu and Fang Chen, The Multilevel Relational (MLR) Data Model, ACM Transactions on Information and Systems Security (TISSEC), Volume 1, Number 1,  June 1998.
    Google Scholar Search
  43. Gail-Joon Ahn, Myong Kang, Joon Park and Ravi Sandhu, Injecting RBAC to Secure a Web-Based Workflow System, ACM RBAC 2000.
    Google Scholar Search
  44. Chandramouli Ramaswamy and Ravi Sandhu, Role-Based Access Control Features in Commercial Database Management Systems (Winner of Best Paper Award), NISSC 1998.
    Google Scholar Search
  45. Elisa Bertino, Latifur Khan, Ravi Sandhu and Bhavani Thuraisingham, Secure Knowledge Management: Confidentiality, Trust, and Privacy, IEEE Transactions on Systems, Man and Cybernetics, Part A: Systems and Humans, 36(3):429-438, May 2006.
    Google Scholar Search
  46. Moo Nam Ko, Gorrell Cheek, Mohamed Shehab and Ravi Sandhu, Social-Networks Connect Services, IEEE Computer, Volume 43, Number 8 (Cover Article), August 2010, pages 37-43.
    Google Scholar Search

    47. Papers with 100+ citations at Google Scholar.

  47. Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman, Role-Based Access Control: A Multi-Dimensional View, ACSAC 1994.
    Google Scholar Search
  48. Ravi Sandhu and Sushil Jajodia, Polyinstantiation Integrity in Multilevel Relations, OAKLAND 1990.
    Google Scholar Search
  49. Fang Chen and Ravi Sandhu, Constraints for Role-Based Access Control, ACM RBAC 1995.
    Google Scholar Search
  50. Xinwen Zhang, Jaehong Park, Francesco Parisi-Presicce, Ravi Sandhu, A Logical Specification for Usage Control, SACMAT 2004.
    Google Scholar Search
  51. Pete Epstein and Ravi Sandhu, Towards a UML Based Approach to Role Engineering, ACM RBAC 1999.
    Google Scholar Search
  52. Min Xu, Xuxian Jiang, Ravi Sandhu and Xinwen Zhang, Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection, SACMAT 2007. Presentation
    Google Scholar Search
  53. Zhang, X., Nakae, M., Covington, M., and Sandhu, R., Toward a Usage-Based Security Framework for Collaborative Computing Systems, ACM TISSEC, Volume 11, Number 1, Feb. 2008, pages 1-36.
    Google Scholar Search
  54. Ravi Sandhu, Kumar Ranganathan and Xinwen Zhang, Secure Information Sharing Enabled by Trusted Computing and PEI Models (Invited Talk), AsiaCCS 2006. Presentation
    Google Scholar Search
  55. Jaehong Park, Ravi Sandhu and James Schifalacqua, Security Architectures for Controlled Digital Information Dissemination, ACSAC 2000.
    Google Scholar Search
  56. Ezedin Barka and Ravi Sandhu, Role-Based Delegation Model/ Hierarchical Roles (RBDM1), ACSAC 2004.
    Google Scholar Search
  57. Mukesh Singhal, Santosh Chandrasekhar, Tingjian Ge, Ravi Sandhu, Ram Krishnan, Gail-Joon Ahn and Elisa Bertino, Collaboration in Multicloud Computing Environments: Framework and Security Issues, IEEE Computer, Volume 46, Number 2, February 2013, pages 76-84.
    Google Scholar Search

    58. Papers with 75+ citations at Google Scholar.

  58. Savith Kandala and Ravi Sandhu, Secure Role-Based Workflow Models, IFIP11.3 2001.
    Google Scholar Search ...94
  59. Roshan Thomas and Ravi Sandhu, Towards a Task-Based Paradigm for Flexible and Adaptable Access Control in Distributed Applications, NSP 1993.
    Google Scholar Search ...97
  60. Xinwen Zhang, Masayuki Nakae, Michael Covington and Ravi Sandhu, A Usage-based Authorization Framework for Collaborative Computing Systems, SACMAT 2006. Presentation
    Google Scholar Search ...91
  61. Joon S. Park and Ravi Sandhu, Binding Identities and Attributes Using Digitally Signed Certificates, ACSAC 2000.
    Google Scholar Search ...92
  62. David Ferraiolo, Rick Kuhn and Ravi Sandhu, RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role-Based Access Control", IEEE Security & Privacy, Volume 5, Number 6, Nov./Dec. 2007, pages 51-53.
    Google Scholar Search
  63. Ravi Sandhu, Access Control: The Neglected Frontier (Keynote Lecture), ACISP 1996.
    Google Scholar Search
  64. Ravi Sandhu, Good-Enough Security: Toward a Pragmatic Business-Driven Discipline, IEEE Internet Computing, Vol. 7, No.1, January/February 2003.
    Google Scholar Search
  65. Jaehong Park and Ravi Sandhu, Originator Control in Usage Control, POLICY 2002.
    Google Scholar Search
  66. Joon S. Park and Ravi Sandhu, RBAC on the Web by Smart Certificates, ACM RBAC 1999.
    Google Scholar Search
  67. Sejong Oh, Ravi Sandhu and Xinwen Zhang, An Effective Role Administration Model Using Organization Structure, ACM Transactions on Information and System Security, Volume 9, Number 2, May 2006, pages 113-137.
    Google Scholar Search
  68. Ludwig Fuchs, Gunther Pernul and Ravi Sandhu, Roles in Information Security-A Survey and Classification of the Research Area, Computers & Security, Volume 30, Number 8, November 2011, pages 748-769.
    Google Scholar Search
  69. Yuan Cheng, Jaehong Park and Ravi Sandhu, Relationship-based Access Control for Online Social Networks: Beyond User-to-User Relationships (Winner of Best Paper Award). In Proceedings 4th IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT), Amsterdam, Netherlands, September 3-5, 2012, 10 pages. Presentation(pptx) (pdf)
    Google Scholar Search 75+
  70. Yuan Cheng, Jaehong Park and Ravi Sandhu, A User-to-User Relationship-based Access Control Model for Online Social Networks In Proceedings 26th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2012), Paris, France, July 11-13, 2012, pages 8-24. Presentation(pptx) (pdf)
    Google Scholar Search 81
  71. Pete Epstein and Ravi Sandhu, Engineering of Role-Permission Assignments, ACSAC 2001.
    Google Scholar Search
  72. Ravi Sandhu, Expressive Power of the Schematic Protection Model, Journal of Computer Security, Volume 1, Number 1, 1992.
    Google Scholar Search
  73. Mohammad A. Al-Kahtani and Ravi Sandhu, Induced Role Hierarchies with Attribute-Based RBAC, SACMAT 2003.
    Google Scholar Search
  74. Jaehong Park, Dang Nguyen and Ravi Sandhu, A Provenance-Based Access Control Model. In Proceedings 10th IEEE Conference on Privacy, Security and Trust (PST), Paris, France, July 16-18, 2012, 8 pages. Presentation(pptx) (pdf)
    Google Scholar Search 75+

    75. Papers with 70+ citations at Google Scholar.

  75. Ravi Sandhu and Venkata Bhamidipadi, The URA97 Model for Role-Based User-Role Assignment, IFIP11.3 1997.
    Google Scholar Search ???
  76. Ravi Sandhu, Future Directions in Role-Based Access Control Models (Keynote Lecture), MMM-ACNS 2001.
    Google Scholar Search
  77. Ravi Sandhu, Engineering Authority and Trust in Cyberspace: The OM-AM and RBAC Way, ACM RBAC 2000.
    Google Scholar Search