Today's complex IT systems and the multitude of possible permission configurations create a challenge for IT administrators, especially in determining the optimal permission configuration for user groups. The problem is further exacerbated when users' privilege requirements are not clearly specified or available. This typically leads to excessively permissive security configurations in IT systems, which result in security vulnerabilities. This paper proposes a methodology and high-level architecture for a system that enables IT permissions to be elicited and deployed in a convenient and secure manner, avoiding many pitfalls that exist today. The proposed methodology's applicability is illustrated using two scenarios: a typical organisation with complex security requirements and a collaborative online environment.