Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Title:||Specification and Validation of Enterprise Access Control Data for Conformance to Model and Policy Constraints|
|Published:||July 30, 2003|
|Abstract:||The effectiveness of an enterprise access control framework depends upon the integrity of the various components or the building blocks used in that framework. The essential components of that framework are: (a) an Enterprise Access Control Model (b) a Validation mechanism to verify the enterprise access control data developed based on that model, for conformance to the model as well as domain-specific policy constraints and (c) a mechanism to map the enterprise access control data into formats required by native access enforcement mechanisms in the heterogeneous application systems in the enterprise. In this paper we chose the Role-based Access Control Model (RBAC) as a candidate for the enterprise access control model. We develop an XML Schema of an RBAC Model for a specific enterprise context and demonstrate the use of schema features to specify structural and some rudimentary domain constraints. We then annotate that XML Schema of an Enterprise RBAC Model to demonstrate specification and enforcement of some important domain-specific policy constraint using the Schematron language. [Recipient of Best Paper Award]|
|Conference:||7th World Multi-conference on Systemics, Cybernetics and Informatics (WMSCI 2003)|
|Dates:||July 27-30, 2003|
|Keywords:||Enterprise Access Control Data, Policy Constraints, RBAC, Role-Based Access Control, XML Schema|
|Research Areas:||Computer Security|
|PDF version:||Click here to retrieve PDF version of paper (56KB)|