Wyniki wyszukiwania - BazTech

1

Model driven architecture for modeling of logical security based on RBAC approach

Poniszewska-Marańda A.

Journal of Applied Computer Science

|

2014

|

Vol. 22, nr 1

183--199

EN

This paper presents an approach of role-based access control (RBAC) for information systems with the use of MDA (Model Driven Architecture). The main purpose is to join the concepts of MDA approach with the concepts of access control models, in particular with the concepts of access control based on roles and on usage concept. To reach this objectives the appropriate solution was created to model the extended RBAC model and URBAC model with the use of concepts and tools of software engineering, in particular MDA methodology and UML (Uniﬁed Modeling Language). The presented approach was developed for role engineering in the aspects of logical security of information systems.

2

Modeling and design of role engineering in development of access control for dynamic information systems

Poniszewska-Marańda A.

Bulletin of the Polish Academy of Sciences. Technical Sciences

|

2013

|

Vol. 61, nr 3

569--579

EN

Nowadays, the growth and complexity of functionalities of current information systems, especially dynamic, distributed and heterogeneous information systems, makes the design and creation of such systems a difficult task and at the same time, strategic for businesses. A very important stage of data protection in an information system is the creation of a high level model, independent of the software, satisfying the needs of system protection and security. The process of role engineering, i.e. the identification of roles and setting up in an organization is a complex task. The paper presents the modeling and design stages in the process of role engineering in the aspect of security schema development for information systems, in particular for dynamic, distributed information systems, based on the role concept and the usage concept. Such a schema is created first of all during the design phase of a system. Two actors should cooperate with each other in this creation process, the application developer and the security administrator, to determine the minimal set of user’s roles in agreement with the security constraints that guarantee the global security coherence of the system.

3

Access control models for distributed information systems

Poniszewska-Marańda A.

Przegląd Elektrotechniczny

|

2010

|

R. 86, nr 8

155-158

EN

The appearance of new business models for the organization and enterprise activities in the network and the appearance of new protocols for information exchange provoke that the information is more and more distributed and the traditional access models are insufficient to solve the problems of information control. On the other hand we would like to control the usage and the diffusion of this information. All these new problems are connected with the usage control. The paper presents the different access control strategies in aspects of distributed information systems.

PL

Pojawienie się nowych modeli biznesowych wspomagających działalność organizacji i przedsiębiorstw oraz pojawienie się nowych protokołów, służących do wymiany informacji, spowodowało, że informacja jest coraz bardziej rozproszona i tradycyjne modele kontroli dostępu stały się niewystarczające, by rozwiązać problemy związany z kontrolą dostępu do informacji. Z drugiej strony chcemy kontrolować użycie i wykorzystywanie pozyskanych informacji. Problemy te związane są z kontrolą użycia. Artykuł przedstawia różne strategie kontroli dostępu w aspekcie rozproszonych systemów informatycznych.