ReMoLa: Responsibility Model Language to Align Access Rights with Business Process Requirements

Christophe Feltus, Michaël Petit, Eric Dubois

Résultats de recherche: Contribution dans un livre/un catalogue/un rapport/dans les actes d'une conférenceArticle dans les actes d'une conférence/un colloque

62 Téléchargements (Pure)

Résumé

Access controls is an important IT security issue and has accordingly been a huge research topic for the last decade. Many models and role engineering methods have been provided since then, and RBAC has appeared to be one of the most significant contributions. In parallel to those developments, new requirements have appeared in the field of IT governance and they provide new constraints for the elicitation of access control policies. One of those requirements is to have access rights strictly aligned with the business process and to have the responsibility of the employees involved in those processes strictly defined and suitably assigned to the employee. RBAC doesn't permit to integrate these new requirements. In this paper we propose a responsibility modeling language to align access rights with business processes requirements. To achieve that, our approach uses the concept of employees' responsibility as a means to bridge the gap through frameworks from the business layer down to frameworks from the technical layer.
langue originaleAnglais
titreProceeding of the Fifth IEEE International Conference on Research Challenges in Information Science (IEEE RCIS 2011), Gosier, Guadeloupe, French West Indies
rédacteurs en chefColette Roll, Martine Collard.
EditeurIEEE
Pages107-112
Nombre de pages6
ISBN (imprimé)978-1-4244-8670-0
Les DOIs
Etat de la publicationPublié - 2011

Empreinte digitale

Examiner les sujets de recherche de « ReMoLa: Responsibility Model Language to Align Access Rights with Business Process Requirements ». Ensemble, ils forment une empreinte digitale unique.

Contient cette citation