This paper aims at building a responsibility model based on the concepts of Accountability, Capability and Commitment. The model's objectives are firstly to help organizations for verifying the organizational structure and detecting policy problems and inconsistency. Secondly, the paper brings up a conceptual framework to support organization for defining their corporate, security and access control policies. Our work provides a preliminary review of the researches performed in that field and proposes, based on the analyses, an UML responsibility model and a definition of all its concepts. Thereafter, to propose a formal representation of the model, we have selected the suitable language and logic system. The analyze highlights that an important variable is whether the responsibility is perceived at a user or at a company level.
|Title of host publication||Proceedings of the The Fourth International Conference on Availability, Reliability and Security ("ARES 2009 - The International Dependability Conference"), Fukuoka, Japan|
|Place of Publication||New York, USA|
|Publisher||IEEE Computer Society Press|
|Number of pages||8|
|Publication status||Published - 2009|
- Security management.
- Right management
- Access control
- Formal system