BusiROLE: A Model for Integrating Business Roles into Identity Management

Authors:
Ludwig Fuchs;Anton Preis
Affiliations:
Department of Information Systems, University of Regensburg, Regensburg, Germany 93053;Institute of Management Accounting and Control, WHU --- Otto Beisheim School of Management, Vallendar, Germany 56179
Venue:
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Year:
2008

Citing 10
Cited 1

Role-Based Access Control Models

Computer
Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Task-Role Based Access Control (T-RBAC): An Improved Access Control Model for Enterprise Environment

DEXA '00 Proceedings of the 11th International Conference on Database and Expert Systems Applications
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Engineering of Role/Permission Assignments

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
A case study: implementing novell identity management at Drew University

Proceedings of the 33rd annual ACM SIGUCCS conference on User services
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems

Proceedings of the eleventh ACM symposium on Access control models and technologies
Role-Based Access Control, Second Edition

Role-Based Access Control, Second Edition
Supporting Compliant and Secure User Handling - A Structured Approach for In-House Identity Management

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
A Critique of the ANSI Standard on Role-Based Access Control

IEEE Security and Privacy

HyDRo --- Hybrid Development of Roles

ICISS '08 Proceedings of the 4th International Conference on Information Systems Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The complexity of modern organisations' IT landscapes has grown dramatically over the last decades. Many enterprises initiate role projects in order to reorganise their access structures based on an organisation-wide Identity Management Infrastructure (IdMI). This paper surveys role models and related literature and identifies different role properties. It shows that current role models are not feasible for their usage in IdMIs. By implementing one single type of role they fail to take business requirements and different role perceptions into account. This paper improves the current situation by developing busiROLE, a role model that integrates various types of roles, fulfilling business- as well as IT requirements, and is hence usable in IdMIs.