Role engineering: From design to evolution of security schemes |
| |
| Authors: | Gilles Goncalves [Author Vitae] [Author Vitae] |
| |
| Affiliation: | a LGI2A - Universite d’Artois, Technoparc-Futura, Bethune, France
b Institute of Computer Science, Technical University of Lodz, Poland |
| |
| Abstract: | This paper presents a methodology to design the RBAC (Role-Based Access Control) scheme during the design phase of an Information System. Two actors, the component developer and the security administrator, will cooperate to define and set up the minimal set of roles in agreement with the application constraints and the organization constraints that guarantee the global security policy of an enterprise. In order to maintain the global coherence of the existing access control scheme, an algorithm is proposed to detect the possible inconsistencies before the integration of a new component in the Information System. |
| |
| Keywords: | Security of information system Access control Role engineering Role-based access control model Constraints UML (Unified Modelling Language) |
| 本文献已被 ScienceDirect 等数据库收录! |
