An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504

Benjamin Gateau, Christophe Feltus, Jocelyn Aubert, Christophe Incoul

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

55 Downloads (Pure)

Abstract

The generalization of open and distributed systems and the dynamics of the environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, the definition and the exploitation of an access rights management framework appropriately adapted for a company remain challenging. This statement is explained mainly by the continuous growth of the diversity of stakeholderspsila positions and by the criticality of the resources to protect. The SIM project, which stands for ldquoSecure Identity Managementrdquo, addresses this problem. The objectives of our paper are twofold. First, to make rights management align closer to business objectives by providing an innovative approach that focuses on business goals for defining access policy. The ISO/IEC 15504 process-based assessment model has been preferred for that research. Indeed, the structured framework that it offers for the description of activities allows for the establishment of meaningful links with responsibilities concepts. Secondly, to automate the deployment of policies through the company IT infrastructurepsilas components and devices by defining a multi-agent system architecture that provides autonomy and adaptability. Free and open source components have been used for the prototyping phase.
Original languageEnglish
Title of host publicationProceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco
EditorsOscar Pastor, André Flory, Jean Louis Cavarero
Pages35-44
Number of pages10
DOIs
Publication statusPublished - 2008

Fingerprint

Industry
Multi agent systems
Information systems

Keywords

  • Multi-agent architecture
  • Identity Management
  • Policy Engineering
  • Responsibility model.

Cite this

Gateau, B., Feltus, C., Aubert, J., & Incoul, C. (2008). An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504. In O. Pastor, A. Flory, & J. L. Cavarero (Eds.), Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco (pp. 35-44) https://doi.org/10.1109/RCIS.2008.4632091
Gateau, Benjamin ; Feltus, Christophe ; Aubert, Jocelyn ; Incoul, Christophe. / An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504. Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco. editor / Oscar Pastor ; André Flory ; Jean Louis Cavarero. 2008. pp. 35-44
@inproceedings{c0d605738b09487cb495a57279405483,
title = "An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504",
abstract = "The generalization of open and distributed systems and the dynamics of the environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, the definition and the exploitation of an access rights management framework appropriately adapted for a company remain challenging. This statement is explained mainly by the continuous growth of the diversity of stakeholderspsila positions and by the criticality of the resources to protect. The SIM project, which stands for ldquoSecure Identity Managementrdquo, addresses this problem. The objectives of our paper are twofold. First, to make rights management align closer to business objectives by providing an innovative approach that focuses on business goals for defining access policy. The ISO/IEC 15504 process-based assessment model has been preferred for that research. Indeed, the structured framework that it offers for the description of activities allows for the establishment of meaningful links with responsibilities concepts. Secondly, to automate the deployment of policies through the company IT infrastructurepsilas components and devices by defining a multi-agent system architecture that provides autonomy and adaptability. Free and open source components have been used for the prototyping phase.",
keywords = "Multi-agent architecture, Identity Management, Policy Engineering, Responsibility model.",
author = "Benjamin Gateau and Christophe Feltus and Jocelyn Aubert and Christophe Incoul",
note = "Publication editors : Oscar Pastor, Andr{\'e} Flory and Jean-Louis Cavarero",
year = "2008",
doi = "10.1109/RCIS.2008.4632091",
language = "English",
isbn = "978-1-4244-1677-6",
pages = "35--44",
editor = "Oscar Pastor and Andr{\'e} Flory and Cavarero, {Jean Louis}",
booktitle = "Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco",

}

Gateau, B, Feltus, C, Aubert, J & Incoul, C 2008, An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504. in O Pastor, A Flory & JL Cavarero (eds), Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco. pp. 35-44. https://doi.org/10.1109/RCIS.2008.4632091

An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504. / Gateau, Benjamin; Feltus, Christophe; Aubert, Jocelyn; Incoul, Christophe.

Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco. ed. / Oscar Pastor; André Flory; Jean Louis Cavarero. 2008. p. 35-44.

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

TY - GEN

T1 - An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504

AU - Gateau, Benjamin

AU - Feltus, Christophe

AU - Aubert, Jocelyn

AU - Incoul, Christophe

N1 - Publication editors : Oscar Pastor, André Flory and Jean-Louis Cavarero

PY - 2008

Y1 - 2008

N2 - The generalization of open and distributed systems and the dynamics of the environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, the definition and the exploitation of an access rights management framework appropriately adapted for a company remain challenging. This statement is explained mainly by the continuous growth of the diversity of stakeholderspsila positions and by the criticality of the resources to protect. The SIM project, which stands for ldquoSecure Identity Managementrdquo, addresses this problem. The objectives of our paper are twofold. First, to make rights management align closer to business objectives by providing an innovative approach that focuses on business goals for defining access policy. The ISO/IEC 15504 process-based assessment model has been preferred for that research. Indeed, the structured framework that it offers for the description of activities allows for the establishment of meaningful links with responsibilities concepts. Secondly, to automate the deployment of policies through the company IT infrastructurepsilas components and devices by defining a multi-agent system architecture that provides autonomy and adaptability. Free and open source components have been used for the prototyping phase.

AB - The generalization of open and distributed systems and the dynamics of the environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, the definition and the exploitation of an access rights management framework appropriately adapted for a company remain challenging. This statement is explained mainly by the continuous growth of the diversity of stakeholderspsila positions and by the criticality of the resources to protect. The SIM project, which stands for ldquoSecure Identity Managementrdquo, addresses this problem. The objectives of our paper are twofold. First, to make rights management align closer to business objectives by providing an innovative approach that focuses on business goals for defining access policy. The ISO/IEC 15504 process-based assessment model has been preferred for that research. Indeed, the structured framework that it offers for the description of activities allows for the establishment of meaningful links with responsibilities concepts. Secondly, to automate the deployment of policies through the company IT infrastructurepsilas components and devices by defining a multi-agent system architecture that provides autonomy and adaptability. Free and open source components have been used for the prototyping phase.

KW - Multi-agent architecture

KW - Identity Management

KW - Policy Engineering

KW - Responsibility model.

U2 - 10.1109/RCIS.2008.4632091

DO - 10.1109/RCIS.2008.4632091

M3 - Conference contribution

SN - 978-1-4244-1677-6

SP - 35

EP - 44

BT - Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco

A2 - Pastor, Oscar

A2 - Flory, André

A2 - Cavarero, Jean Louis

ER -

Gateau B, Feltus C, Aubert J, Incoul C. An Agent-based Framework for Identity Management: The Unsuspected Relation with ISO/IEC 15504. In Pastor O, Flory A, Cavarero JL, editors, Proceedings of International Conference on Research Challenges in Information Science (RCIS), Marrakech, Morocco. 2008. p. 35-44 https://doi.org/10.1109/RCIS.2008.4632091