• DocumentCode
    2915678
  • Title

    A model for checking consistency in access control policies for network management

  • Author

    Cridlig, Vincent ; State, Radu ; Festor, Olivier

  • Author_Institution
    LORIA - INRIA Lorraine 615, Villers-les-Nancy
  • fYear
    2007
  • fDate
    May 21 2007-Yearly 25 2007
  • Firstpage
    11
  • Lastpage
    19
  • Abstract
    This paper addresses the consistency of heterogeneous device access control in the network management area. It addresses well-know network management frameworks like SNMP (v3), CLI, Netconf and the lesser known TR-069 proposed in the framework of ADSL operators. For each of these, a formal definition of the access control model is proposed as well as the conversion towards a unified Role-Based Access Control model. Next, we show how to compare roles and permissions between the generated access control policies and to answer to questions like: which policy is more permissive, what are the common privileges between a set of roles?
  • Keywords
    authorisation; digital subscriber lines; formal specification; protocols; telecommunication network management; telecommunication security; ADSL operators; CLI; Netconf; SNMP; TR-069; access control policies; consistency checking; network management; role-based access control model; simple network management protocol; Access control; Authentication; Convergence; Data models; Information security; Network servers; Network topology; Permission; Protocols; Utility programs;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Integrated Network Management, 2007. IM '07. 10th IFIP/IEEE International Symposium on
  • Conference_Location
    Munich
  • Print_ISBN
    1-4244-0798-2
  • Electronic_ISBN
    1-4244-0799-0
  • Type

    conf

  • DOI
    10.1109/INM.2007.374765
  • Filename
    4258517
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2915678