{"title":"A financial institution's legacy mainframe access control system in light of the proposed NIST RBAC standard","authors":"A. D. Marshall","doi":"10.1109/CSAC.2002.1176310","DOIUrl":null,"url":null,"abstract":"In this paper we describe a mainframe access control system (DENT) and its associated delegated administration tool (DSAS) that were used in a financial institution for over 20 years to control access to banking transaction products. The first part of this paper describes the design and operation of DENT/DSAS as an example of a long-lived access control system in a financial institution. A standard for role-based access control (RBAC) has recently been proposed by the United States National Institute of Standards and Technology (NIST). The second part of this paper discusses how the functionality of DENT/DSAS could be achieved by applying its principles of operation within the NIST model. In so doing we also evaluate the proposed standard by validating it against the requirements embodied in a successful access control system. We conclude with some observations about the design of DENT/DSAS and suggestions for changes in the proposed RBAC standard to accommodate some features of DENT/DSAS that it does not appear to support.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAC.2002.1176310","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6
Abstract
In this paper we describe a mainframe access control system (DENT) and its associated delegated administration tool (DSAS) that were used in a financial institution for over 20 years to control access to banking transaction products. The first part of this paper describes the design and operation of DENT/DSAS as an example of a long-lived access control system in a financial institution. A standard for role-based access control (RBAC) has recently been proposed by the United States National Institute of Standards and Technology (NIST). The second part of this paper discusses how the functionality of DENT/DSAS could be achieved by applying its principles of operation within the NIST model. In so doing we also evaluate the proposed standard by validating it against the requirements embodied in a successful access control system. We conclude with some observations about the design of DENT/DSAS and suggestions for changes in the proposed RBAC standard to accommodate some features of DENT/DSAS that it does not appear to support.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
