Enhancement of Business IT Alignment by Including Responsibility Components in RBAC

Christophe Feltus; Michaël Petit; Morris Sloman

Enhancement of Business IT Alignment by Including Responsibility Components in RBAC

Christophe Feltus, Michaël Petit, Morris Sloman

Résultats de recherche: Contribution dans un livre/un catalogue/un rapport/dans les actes d'une conférence › Article dans les actes d'une conférence/un colloque

116 Téléchargements (Pure)

Résumé

Good corporate governance requires an improvement of the definition and the enforcement of the employees' responsibility throughout the companies' processes. In the field of information technology, one translation of this requirement targets a strict alignment of the access control policy with the permissions needed by the employees to achieve the obligations linked to their responsibilities. There has been much work related to access control over three decades and Role Based Access Control (RBAC) has emerged as a reference model in that discipline. Although its advantages have been largely recognized, when taking into account the new governance constraints, it appears that its mechanism of assignment of users' permissions is improvable. In this paper, we propose enhancements of RBAC by taking into account the concept of responsibility and explain it can be modeled using the OWL Web Ontology Language.

langue originale	Anglais
titre	Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010)
Sous-titre	Held in conjunction with CAiSE 2010 Conference
rédacteurs en chef	M Petit, G Gal, A Castiaux, J Ralyté, P Plebani
Pages	61-75
Nombre de pages	15
Volume	599
Etat de la publication	Publié - 2010

Accès au document

70150manuscrit soumis, 520 KB

http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-599/

Contient cette citation

Feltus, C., Petit, M., & Sloman, M. (2010). Enhancement of Business IT Alignment by Including Responsibility Components in RBAC. Dans M. Petit, G. Gal, A. Castiaux, J. Ralyté, & P. Plebani (eds.), Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010): Held in conjunction with CAiSE 2010 Conference (Vol 599, p. 61-75) http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-599/

Feltus, Christophe ; Petit, Michaël ; Sloman, Morris. / Enhancement of Business IT Alignment by Including Responsibility Components in RBAC. Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010): Held in conjunction with CAiSE 2010 Conference. Editeur / M Petit ; G Gal ; A Castiaux ; J Ralyté ; P Plebani. Vol 599 2010. p. 61-75

@inproceedings{108a66af2a6a4ab3979ee5d47c054d2c,

title = "Enhancement of Business IT Alignment by Including Responsibility Components in RBAC",

abstract = "Good corporate governance requires an improvement of the definition and the enforcement of the employees' responsibility throughout the companies' processes. In the field of information technology, one translation of this requirement targets a strict alignment of the access control policy with the permissions needed by the employees to achieve the obligations linked to their responsibilities. There has been much work related to access control over three decades and Role Based Access Control (RBAC) has emerged as a reference model in that discipline. Although its advantages have been largely recognized, when taking into account the new governance constraints, it appears that its mechanism of assignment of users' permissions is improvable. In this paper, we propose enhancements of RBAC by taking into account the concept of responsibility and explain it can be modeled using the OWL Web Ontology Language.",

keywords = " Accountability, Policy, Commitment, Role, Responsibility, Separation of Duty., Access Control, Capability",

author = "Christophe Feltus and Micha{\"e}l Petit and Morris Sloman",

note = "Publication editors : M. Petit, G. Gal, A. Castiaux, J. Ralyt{\'e}, and P. Plebani",

year = "2010",

language = "English",

isbn = "ISSN 1613-0073",

volume = "599",

pages = "61--75",

editor = "M Petit and G Gal and A Castiaux and J Ralyt{\'e} and P Plebani",

booktitle = "Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010)",

}

Feltus, C, Petit, M & Sloman, M 2010, Enhancement of Business IT Alignment by Including Responsibility Components in RBAC. Dans M Petit, G Gal, A Castiaux, J Ralyté & P Plebani (eds), Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010): Held in conjunction with CAiSE 2010 Conference. VOL. 599, p. 61-75. <http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-599/>

Enhancement of Business IT Alignment by Including Responsibility Components in RBAC. / Feltus, Christophe; Petit, Michaël; Sloman, Morris.
Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010): Held in conjunction with CAiSE 2010 Conference. Ed. / M Petit; G Gal; A Castiaux; J Ralyté; P Plebani. Vol 599 2010. p. 61-75.

Résultats de recherche: Contribution dans un livre/un catalogue/un rapport/dans les actes d'une conférence › Article dans les actes d'une conférence/un colloque

TY - GEN

T1 - Enhancement of Business IT Alignment by Including Responsibility Components in RBAC

AU - Feltus, Christophe

AU - Petit, Michaël

AU - Sloman, Morris

N1 - Publication editors : M. Petit, G. Gal, A. Castiaux, J. Ralyté, and P. Plebani

PY - 2010

Y1 - 2010

N2 - Good corporate governance requires an improvement of the definition and the enforcement of the employees' responsibility throughout the companies' processes. In the field of information technology, one translation of this requirement targets a strict alignment of the access control policy with the permissions needed by the employees to achieve the obligations linked to their responsibilities. There has been much work related to access control over three decades and Role Based Access Control (RBAC) has emerged as a reference model in that discipline. Although its advantages have been largely recognized, when taking into account the new governance constraints, it appears that its mechanism of assignment of users' permissions is improvable. In this paper, we propose enhancements of RBAC by taking into account the concept of responsibility and explain it can be modeled using the OWL Web Ontology Language.

AB - Good corporate governance requires an improvement of the definition and the enforcement of the employees' responsibility throughout the companies' processes. In the field of information technology, one translation of this requirement targets a strict alignment of the access control policy with the permissions needed by the employees to achieve the obligations linked to their responsibilities. There has been much work related to access control over three decades and Role Based Access Control (RBAC) has emerged as a reference model in that discipline. Although its advantages have been largely recognized, when taking into account the new governance constraints, it appears that its mechanism of assignment of users' permissions is improvable. In this paper, we propose enhancements of RBAC by taking into account the concept of responsibility and explain it can be modeled using the OWL Web Ontology Language.

KW - Accountability

KW - Policy

KW - Commitment

KW - Role

KW - Responsibility

KW - Separation of Duty.

KW - Access Control

KW - Capability

M3 - Conference contribution

SN - ISSN 1613-0073

VL - 599

SP - 61

EP - 75

BT - Proceedings of the CAiSE 2010 Workshop Business/IT Alignment and Interoperability (BUSITAL2010)

A2 - Petit, M

A2 - Gal, G

A2 - Castiaux, A

A2 - Ralyté, J

A2 - Plebani, P

ER -

Enhancement of Business IT Alignment by Including Responsibility Components in RBAC

Résumé

Accès au document

Empreinte digitale

Contient cette citation