Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture

Research output: Contribution in Book/Catalog/Report/Conference proceedingChapter

60 Downloads (Pure)

Abstract

Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended proof of concept at the Hospital Center in Luxembourg.
Original languageEnglish
Title of host publication2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS)
PublisherIEEE
Number of pages12
DOIs
Publication statusPublished - 13 May 2015
EventIEEE Ninth International Conference on Research Challenges in Information Science - Athens, Greece
Duration: 13 May 2015 → …

Scientific committee

Scientific committeeIEEE Ninth International Conference on Research Challenges in Information Science
CountryGreece
CityAthens
Period13/05/15 → …

Fingerprint

Industry

Cite this

Feltus, Christophe ; Petit, Michaël ; Dubois, Éric. / Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture. 2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS). IEEE, 2015.
@inbook{064f0411425b4550bf98003edf4c019f,
title = "Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture",
abstract = "Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate{\circledR} to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended proof of concept at the Hospital Center in Luxembourg.",
author = "Christophe Feltus and Micha{\"e}l Petit and {\'E}ric Dubois",
year = "2015",
month = "5",
day = "13",
doi = "10.1109/RCIS.2015.7128887",
language = "English",
booktitle = "2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS)",
publisher = "IEEE",

}

Feltus, C, Petit, M & Dubois, É 2015, Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture. in 2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS). IEEE, Athens, Greece, 13/05/15. https://doi.org/10.1109/RCIS.2015.7128887

Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture. / Feltus, Christophe; Petit, Michaël; Dubois, Éric.

2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS). IEEE, 2015.

Research output: Contribution in Book/Catalog/Report/Conference proceedingChapter

TY - CHAP

T1 - Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture

AU - Feltus, Christophe

AU - Petit, Michaël

AU - Dubois, Éric

PY - 2015/5/13

Y1 - 2015/5/13

N2 - Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended proof of concept at the Hospital Center in Luxembourg.

AB - Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended proof of concept at the Hospital Center in Luxembourg.

U2 - 10.1109/RCIS.2015.7128887

DO - 10.1109/RCIS.2015.7128887

M3 - Chapter

BT - 2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS)

PB - IEEE

ER -

Feltus C, Petit M, Dubois É. Alignment of ReMMo with RBAC to Manage Access Rights in the Frame of Enterprise Architecture. In 2015 IEEE 9th International Conference on Research Challenges in Information Science (RCIS). IEEE. 2015 https://doi.org/10.1109/RCIS.2015.7128887