An RBAC-based PIB for Provisioning Access Control
نویسندگان
چکیده
This paper presents a framework for representing and distributing access control policies in distributed heterogeneous systems. Access control polices follows the RBAC (Role Based Access Control) model proposed by the NIST. The framework is based on the provisioning strategy defined by IETF, i.e., the RBAC information is represented in terms of a PIB (Policy Information Base) and distributed to the enforcement elements using the COPS-PR protocol. This approach can be explored in several scenarios for configuring both network devices and RBAC-aware applications. A research prototype has been implemented, and the results obtained from a performance analysis of the proposed extensions are summarized and evaluated.
منابع مشابه
Extending Role Based Access Control Model for Distributed Multidomain Applications
This paper presents the results related to the development of a flexible domain-based access control infrastructure for distributed Grid-based Collaborative Environments and Complex Resource Provisioning. The paper proposes extensions to the classical RBAC model to address typical problems and requirements in the distributed hierarchical resource management such as: hierarchical resources polic...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملA Policy Based Framework for Access Control
This paper presents a policy-based framework for managing access control in distributed heterogeneous systems. This framework is based on the PDP/PEP approach. The PDP (Policy Decision Point) is a network policy server responsible for supplying policy information for network devices and applications. The PEP (Policy Enforcement Point) is the policy client (usually, a component of the network de...
متن کاملIntroducing Dynamic Identity and Access Management in Organizations
Efficient and secure management of access to resources is a crucial challenge in today’s corporate IT environments. During the last years, introducing company-wide Identity and Access Management (IAM) infrastructures building on the Role-based Access Control (RBAC) paradigm has become the de facto standard for granting and revoking access to resources. Due to its static nature, the management o...
متن کامل