원문정보
초록
영어
Role based access control (RBAC) has been widely adopted in industrial and government. However RBAC is only suitable for closed enterprise environment. With modern Internet based application, collaboration and sharing among multiple organizations become essential and RBAC is no longer sufficient. Role mapping has been the solutions to deal with multiple domains, where the roles in the hierarchy of one organization are mapped to the roles in the hierarchy of another organization. But role mapping can be a tedious task for the security officers if it is done fully manually. Yet, performing role mapping automatically incur security risks. In this paper, we introduce a semi-automated role mapping process, where promising role mappings are generated automatically and recommended to the security officer(s). The security officers then approve or modify the recommended role mappings. We present a method for automatically generate role mappings based on the similarities of the roles in two role hierarchies. We use an example to illustrate our approach and show its feasibility.
목차
1. Introduction
2. A Running Example
3. Semi-Automated Role Mapping Process
3.1.The Role Mapping Manager
3.2. The Role Mapping Process
3.3. On-the-Fly Role Mapping
4. Automated Role Mapping Analysis and Recommendation
4.1. OWL-Based Role Specification Model
4.2. Concept Extraction
4.3. Similarity Between Roles
4.4. Role Mapping Recommendation
4.5. Modify Role Hierarchy for Role Mapping
5. Conclusions
References