ABSTRACT
In this paper we describe work in progress on a process-oriented approach to role-finding for implementing Role-Based Security Administration. Our results stem from applying a recently proposed role model and procedural model at Siemens AG ICN, a large industrial organization.
The core of this paper presents the data model, which integrates business processes, role based security administration and access control. Moreover, a structured top-down approach is outlined which is the basis for derivation of suitable business roles from enterprise process models.
A brief description is given on how these results may be used to first build the Role Catalog and then support the implementation of RBAC and a single point of administration and control, using a cross-platform administration tool.
CITED BY 21
Axel Kern, Martin Kuhlmann, Andreas Schaad, Jonathan Moffett; Observations on the role life-cycle in the context of enterprise security management; Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA
Daniel Bradley, Audun Josang; Mesmerize: an open framework for enterprise security management; Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation, p.37-42, January 01, 2004, Dunedin, New Zealand
Joon S. Park, Keith P. Costello, Teresa M. Neven, Josh A. Diosomito; A composite RBAC approach for large, complex organizations; Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Jaideep Vaidya, Vijayalakshmi Atluri, Qi Guo, Nabil Adam; Migrating to optimal RBAC with minimal perturbation; Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA
Ian Molloy, Hong Chen, Tiancheng Li, Qihua Wang, Ninghui Li, Elisa Bertino, Seraphin Calo, Jorge Lobo; Mining roles with semantic meanings; Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA
Ian Molloy, Ninghui Li, Tiancheng Li, Ziqing Mao, Qihua Wang, Jorge Lobo; Evaluating role mining algorithms; Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
INDEX TERMS
Primary Classification:
K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
Additional Classification:
D. Software
  D.4 OPERATING SYSTEMS
    D.4.6 Security and Protection
      Subjects: Access controls
H. Information Systems
  H.2 DATABASE MANAGEMENT
    H.2.1 Logical Design
      Subjects: Data models
    H.2.7 Database Administration
      Subjects: Security, integrity, and protection
I. Computing Methodologies
  I.2 ARTIFICIAL INTELLIGENCE
    I.2.8 Problem Solving, Control Methods, and Search
      Subjects: Control theory
  I.6 SIMULATION AND MODELING
General Terms: Design, Management, Performance, Security, Theory
Keywords: access control, authorizations, business processes, enterprise process modeling, heterogeneous systems, role based access control, security administration, security data models, security management, security models, single point of administration and control