Small-granularity role based access control offers an effective solution to reduce the damage an intrusion can cause to your organization. We describe a new dynamic activation of roles, with automatic de-activation if the role is no longer used. This allows us to further decrease the granularity of roles, and use the roles as input to an anomaly based Intrusion Detection System. To show how easy it can be to add Role-Based Access Control to an existing platform, we briefly discuss a simple implementation for a WWW based Intranet.
Ruighaver, A.B, "A Fresh Look at Small-Granularity Role-Based Access Control" (2001). ACIS 2001 Proceedings. 76.