RBPIM: Enforcing RBAC policies in distributed heterogeneous systems

Authors

  • Ricardo Nabhen
  • Edgard Jamhour
  • Carlos Maziero
Abstract

This paper presents a PCIM-based framework for storing and enforcing RBAC (Role Based Access Control) policies in distributed heterogeneous systems. PCIM (Policy Core Information Model) is an information model proposed by the IETF. PCIM permits network policies to be represented in a standard form, allowing software from different vendors to read the same set of policy rules. This paper describes a PCIM extension, called RBPIM (Role-Based Policy Information Model), in order to represent network access policies based on the RBAC model. An RBPIM implementation framework based on the PDP/PEP (Policy Decision Point/Policy Enforcement Point) approach is also presented and evaluated.

Similar resources

Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...

Napoleon: A Recipe for Workflow

This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: simplified policy management and support for heterogeneous, distributed systems. We discuss our strategy for modeling workflow in Napoleon, and we pre...

Enforcing Security Policies for Distributed Objects Applications

In this paper we present the design and the implementation of a policy engine for enforcing security policies for distributed applications. Such policies, represented by using the RBAC model, include both how the distributed, shared and replicated objects are used, by means of role certificates, and how these roles are managed by means of administrative roles. The policy engine can enforce not on...

An RBAC-based PIB for Provisioning Access Control

This paper presents a framework for representing and distributing access control policies in distributed heterogeneous systems. Access control policies follow the RBAC (Role Based Access Control) model proposed by the NIST. The framework is based on the provisioning strategy defined by IETF, i.e., the RBAC information is represented in terms of a PIB (Policy Information Base) and distributed to...

Privacy Enforcement with an Extended Role-Based Access Control Model

Privacy enforcement has been one of the most important challenges in the IT area. Current privacy practices within companies and organizations, e.g. enabling a P3P compliant policy, incorporating a privacy seal program, etc., cannot truly protect consumer privacy. Privacy protection can only be achieved by enforcing privacy policies within an organization’s online and offline data processing system...

Publication date: 2004