Title :
An RBAC-based policy information base
Author :
Squair, Timothy E. ; Jamhour, Edgard ; Nabhen, Ricardo C.
Author_Institution :
Pontificia Univ. Catolica do Parana, Brazil
Abstract :
This paper presents a framework for representing and distributing access control policies in distributed heterogeneous systems. Access control polices follow the RBAC (role based access control) model proposed by the NIST. The framework is based on the provisioning strategy defined by IETF, i.e., the RBAC information is represented in terms of a PIB (policy information base) and distributed to the enforcement elements using the COPS-PR protocol. This approach can be explored in several scenarios, for configuring both, network devices and RBAC-aware applications. The provisioning process takes into account the capabilities of the enforcement element, permitting to eliminate or adapt the configuration not supported by the managed device or application.
Keywords :
authorisation; distributed processing; protocols; COPS-PR protocol; RBAC-based policy information base; access control policies; distributed heterogeneous systems; role based access control; 3G mobile communication; Access control; Access protocols; Diffserv networks; Multiprotocol label switching; NIST; Permission; Standardization; Standards publication; Transport protocols;
Conference_Titel :
Policies for Distributed Systems and Networks, 2005. Sixth IEEE International Workshop on
Print_ISBN :
0-7695-2265-3
DOI :
10.1109/POLICY.2005.2
