{"title":"基于扩展RBAC模型的信息系统角色工程","authors":"A. Poniszewska-Marańda","doi":"10.1109/WETICE.2005.50","DOIUrl":null,"url":null,"abstract":"The role-based access control (RBAC) model is one of the policies used to access control in information systems for enterprises. The RBAC model is a powerful technology for managing and enforcing security in large-scale, enterprise-wide systems. Many implementations of this model, including the RBAC96 model, have been already proposed. This paper presents an extension of the standard RBAC model together with its implementation using the Unified Modeling Language (UML). The presented model is developed for the role engineering in the security of information system. In the paper, the union of the RBAC model, which controls access in the information system, and the UML language, i.e. a unified method of object analysis and design, is proposed. The presented approach of the RBAC model consists in role creation via defining appropriate permissions. The entire procedure is performed in two stages; first permissions assigned to a function are defined, and then definitions of functions assigned to a particular role are provided.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":"{\"title\":\"Role engineering of information system using extended RBAC model\",\"authors\":\"A. Poniszewska-Marańda\",\"doi\":\"10.1109/WETICE.2005.50\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The role-based access control (RBAC) model is one of the policies used to access control in information systems for enterprises. The RBAC model is a powerful technology for managing and enforcing security in large-scale, enterprise-wide systems. Many implementations of this model, including the RBAC96 model, have been already proposed. This paper presents an extension of the standard RBAC model together with its implementation using the Unified Modeling Language (UML). The presented model is developed for the role engineering in the security of information system. In the paper, the union of the RBAC model, which controls access in the information system, and the UML language, i.e. a unified method of object analysis and design, is proposed. The presented approach of the RBAC model consists in role creation via defining appropriate permissions. The entire procedure is performed in two stages; first permissions assigned to a function are defined, and then definitions of functions assigned to a particular role are provided.\",\"PeriodicalId\":128074,\"journal\":{\"name\":\"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)\",\"volume\":\"59 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-06-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"20\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WETICE.2005.50\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WETICE.2005.50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Role engineering of information system using extended RBAC model
The role-based access control (RBAC) model is one of the policies used to access control in information systems for enterprises. The RBAC model is a powerful technology for managing and enforcing security in large-scale, enterprise-wide systems. Many implementations of this model, including the RBAC96 model, have been already proposed. This paper presents an extension of the standard RBAC model together with its implementation using the Unified Modeling Language (UML). The presented model is developed for the role engineering in the security of information system. In the paper, the union of the RBAC model, which controls access in the information system, and the UML language, i.e. a unified method of object analysis and design, is proposed. The presented approach of the RBAC model consists in role creation via defining appropriate permissions. The entire procedure is performed in two stages; first permissions assigned to a function are defined, and then definitions of functions assigned to a particular role are provided.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
