Role-Based Access Control Models
Computer
Role based access control with the security administration manager (SAM)
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Managing role/permission relationships using object access types
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Napoleon: network application policy environment
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Network management using expert diagnostics
International Journal of Network Management
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Digital forensics for enterprise rights management systems
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
Hi-index | 0.00 |
We have identified five problems that inhibit effective enterprise security management - policy divide, lack of reproducibility, lack of consistency, lack of coverage and lack of flexibility in current management systems. We discuss these problems and suggest features an enterprise security management framework should have to address them.Mesmerize is an enterprise security management framework that allows holistic enterprise security policy to be interpreted into technology specific directives then translated into device specific configuration.The Mesmerize framework incorporates an information repository, which is accessed and interpreted by manager programs that - in turn - communicate with configuration agents that configure specific devices.The information repository stores network element information as well as security policies that are associated with those network elements. Manager programs make use of the information repository to generate technology specific directives that are sent to configuration agents during policy enforcement. A configuration agent is responsible for translating the technology specific directive into the configuration language of a device or service implementation.Currently we have proof-of-concept management sub-systems for IPChains firewalls (IPChains), BIND domain name servers (BIND), and FreeSWAN virtual private network end-points (FreeSWAN).