In this paper, we describe an innovative approach for aligning the business layer and the application layer of ArchiMate to ensure that applications manage access rights consistently with enterprise goals and risk tolerances. The alignment is realized by using the responsibility of the employees, which we model using ReMoLa. The main focus of the alignment targets the definition and the assignment of the access rights needed by the employees according to business specification. The approach is illustrated and validated with a case study in a municipal hospital in Luxembourg.
|Number of pages||8|
|Publication status||Published - 1 Jan 2012|
|Event||The 6th International Conference on Security of Information and Networks - Aksaray, Turkey|
Duration: 26 Nov 2013 → 28 Nov 2013
|Scientific committee||The 6th International Conference on Security of Information and Networks|
|Period||26/11/13 → 28/11/13|
Feltus, C., Dubois, E., Proper, E., Band, I., & Petit, M. (2012). Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for Access Rights Management. 12-19. Paper presented at The 6th International Conference on Security of Information and Networks, Aksaray, Turkey. https://doi.org/10.1145/2388576.2388577