Application Access Control using Enterprise Models
نویسندگان
چکیده
In this paper a framework for a model-driven control of identity management systems is presented. An important issue in today’s information systems security discussion addresses the effective authorisation of users. With established conceptual modelling languages the assignment of roles to the identity management software is an enormous organisational effort. To decrease administration costs we propose a direct connection between the identity management system and enterprise models which contain the organisational responsibilities. Therefore, we have created the modelling approach E3+WS available for the meta-CASE tool cubetto toolset and the Novell Identity Manager.
منابع مشابه
An Extended Role-based Access Control Model for Enterprise Systems and Web Services
This thesis intends to develop application-level access control models to address several major security issues in enterprise environments. The first goal is to provide simple and efficient authorization specifications to reduce the complexity of security management. The second goal is to provide dynamic access control for Web service applications. The third goal is to provide an access control...
متن کاملSpecification and Validation of Enterprise Access Control Data for Conformance to Model and Policy Constraints
The effectiveness of an enterprise access control framework depends upon the integrity of the various components or the building blocks used in that framework. The essential components of that framework are: (a) an Enterprise Access Control Model (b) a Validation mechanism to verify the enterprise access control data developed based on that model, for conformance to the model as well as domain-...
متن کاملComprehensive life cycle support for access rules in information systems: the CEOSIS project
The definition and management of access rules (e.g. to control access to business documents and business functions) is a fundamental task in any enterprise information system (EIS). While there exists considerable work on how to specify and represent access rules, only little research has been spent on access rule changes. Examples include the evolution of organisational models with need for su...
متن کاملUsing Recommenders for Discretionary Access Control
Enterprises increasingly subscribe to Software as a Service (SaaS) applications for collaboration. In the past, enterprise organizational boundaries have been key to the controls on sharing, providing both a social and technical boundary that can slow or stop potentially inappropriate sharing. However, SaaS collaboration technology is often used to across enterprise boundaries. One of the key s...
متن کاملEngineering Access Control in Distributed Applications
This paper discusses issues of engineering access control solutions in distributed applications for enterprise computing environments. It reviews application-level access control available in existing middleware technologies, discusses open problems in these technologies, and surveys research efforts to address the problems.
متن کامل