This paper presents an approach to role-based access control (RBAC) for information systems that uses MDA (Model Driven Architecture). The main purpose is to join the concepts of the MDA approach with the concepts of access control models, in particular access control based on roles and on the usage concept. To reach these objectives, a solution was created to model the extended RBAC model and the URBAC model using the concepts and tools of software engineering, in particular the MDA methodology and UML (Unified Modeling Language). The presented approach was developed for role engineering in the context of the logical security of information systems.
Since the value of information is constantly growing, more and more businesses need information systems to aid them with information gathering and processing. The most important issue that arises here is how to ensure the safety of this data, which may be held on servers, personal computers or PDAs. This is where access control comes in. The main role of access control is to ensure that no unauthorized user is able to gain access to resources and copy or modify them. The paper deals with the process of access control administration in information systems using the usage role-based control approach. The presented process is based on the role engineering concept, which includes the creation of an access control security schema divided between two actors: the application/system developer and the security administrator. They carry out their tasks during two main phases that make it possible to define the complete access control schema for the information systems of an organization.
The role-based access control (RBAC) model is one of the policies used for access control in information systems. This powerful technology is very useful for managing the security of enterprise information systems. In order to utilise its potential, the roles, which are the main component of this model, have to be properly constructed to reflect the organisational access control policy and the needs of the system. This requires developing the components of the RBAC model correctly and implementing them with suitable tools. This paper presents an extension of the standard RBAC model and the implementation of this extension. The proposed approach is realised using the Unified Modelling Language (UML). UML was chosen because it is nowadays the standard tool and properly reflects the description of the information system and its needs.
Role-based access control (RBAC) is one of the more important research subjects in both academic and commercial applications. This article presents a model of a secure role-based system in which the actions of subjects are authenticated and authorized using public key infrastructure mechanisms, namely certificates. The model shows a mechanism for mapping public key certificates and attribute certificates to the roles and sessions of the RBAC model, and use-condition certificates to the constraints of the RBAC model. To assign subjects to roles reliably, a special round-based method of credential binding is introduced. The presented model is structural: users hold roles, and roles are assigned to the appropriate domains. Access control policies define which roles may or may not use the resources of a given domain.