A metamodel for the design of access-control policy enforcement managers: work in progress

Authors:
Michel Embe Jiague;Marc Frappier;Frédéric Gervais;Régine Laleau;Richard St-Denis
Affiliations:
GRIL, Département d'informatique, Université de Sherbrooke, Sherbrooke, Québec, Canada and LACL, Université Paris-Est IUT Fontainebleau, Fontainebleau, France;GRIL, Département d'informatique, Université de Sherbrooke, Sherbrooke, Québec, Canada;LACL, Université Paris-Est IUT Fontainebleau, Fontainebleau, France;LACL, Université Paris-Est IUT Fontainebleau, Fontainebleau, France;GRIL, Département d'informatique, Université de Sherbrooke, Sherbrooke, Québec, Canada
Venue:
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Year:
2011

Citing 3
Cited 0

Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Role-Based Access Control, Second Edition

Role-Based Access Control, Second Edition
Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA Environments

International Journal of Systems and Service-Oriented Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a metamodel of a policy enforcement manager responsible for applying the rules defined in security policies with the aim to constraint the access to the functionalities and data of information systems. The metamodel is useful to derive platform-specific security models that provide the basis for the design and implementation of such managers for Web services as well as legacy information systems in various business sectors.