Title :
Role based access control framework for network enterprises
Author :
Thomsen, Dan ; O´Brien, Dick ; Bogle, Jessica
Author_Institution :
Secure Comput. Corp., Roseville, MN, USA
Abstract :
A business´s success depends on its ability to protect valuable business assets in an increasingly hostile environment. Protecting information requires a cost, not only in purchasing security components, but also in ensuring that those security components are properly managed. Role based access control (RBAC) shows promise for making security administration easier, thus reducing the cost of managing security components. RBAC provides a convenient layer of abstraction by describing access control patterns. This paper presents an RBAC framework comprised of seven abstract layers. Multiple layers allow users to work with a layer they understand. Thus a balance can be struck between fine grained access control and ease of management. The goal is to provide easy security management for a wide variety of network applications. The NAPOLEON tool which implements parts of the framework is also described
Keywords :
authorisation; business communication; business data processing; computer network management; NAPOLEON tool; abstract layers; abstraction; access control patterns; business asset protection; fine grained access control; hostile environment; information protection; network enterprises; role based access control framework; security administration; security components; security management; Access control; Computer networks; Contracts; Decision making; Information security; Internet; Lakes; Network servers; Object oriented modeling; Protection;
Conference_Titel :
Computer Security Applications Conference, 1998. Proceedings. 14th Annual
Conference_Location :
Phoenix, AZ
Print_ISBN :
0-8186-8789-4
DOI :
10.1109/CSAC.1998.738571
