Title :
Access Control Design and Implementations in the ATLAS Experiment
Author :
Leahu, Marius Constantin ; Dobson, Marc ; Avolio, Giuseppe
Author_Institution :
CERN, Geneva
Abstract :
The ATLAS experiment operates with a significant number of hardware and software resources. Their protection against misuse is an essential task to ensure a safe and optimal operation. To achieve this goal, the Role Based Access Control (RBAC) model has been chosen for its scalability, flexibility, ease of administration and usability from the lowest operating system level to the highest software application level. This paper presents the overall design of RBAC implementation in the ATLAS experiment and the enforcement solutions in different areas such as the system administration, control room desktops and the data acquisition software. The users and the roles are centrally managed using a directory service based on Lightweight Directory Access Protocol which is kept in synchronization with the human resources and IT databases.
Keywords :
authorisation; data acquisition; database management systems; high energy physics instrumentation computing; position sensitive particle detectors; ATLAS experiment; IT databases; RBAC model; control room desktops; data acquisition software; human resources; lightweight directory access protocol; role based access control model; system administration; Access control; Application software; Control systems; Data acquisition; Hardware; Human resource management; Operating systems; Protection; Scalability; Usability; Access control; databases; roles; security;
Journal_Title :
Nuclear Science, IEEE Transactions on
DOI :
10.1109/TNS.2007.912071
