Mobile-driven architecture for managing enterprise security policies

Authors:
William Claycomb;Dongwan Shin
Affiliations:
New Mexico Tech, Socorro, NM;New Mexico Tech, Socorro, NM
Venue:
Proceedings of the 44th annual Southeast regional conference
Year:
2006

Citing 8
Cited 0

Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Engineering authority and trust in cyberspace: the OM-AM and RBAC way

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A scenario-driven role engineering process for functional RBAC roles

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
On modeling system-centric information for role engineering

Proceedings of the eighth ACM symposium on Access control models and technologies
Access control and trust in the use of widely distributed services

Software—Practice & Experience - Special issue: Middleware
Secure role-based workflow models

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
A role-based infrastructure management system: design and implementation: Research Articles

Concurrency and Computation: Practice & Experience - Computer Security

Quantified Score

Hi-index	0.01

Visualization

Abstract

Authentication, access control, and audit (3As) are three fundamental mechanisms in enterprise security management for countering various types of looming threats from both insiders and outsiders. There has been a variety of web-based or desktop systems implementing those mechanisms, but little supports the applicability of mobile devices in their security management. In this paper we present an approach to managing various types of enterprise security policies using mobile devices in order to effectively monitor and defend trusted domains. Specifically, we describe a security architecture for designing and implementing a mobile-enabled solution for enterprise security management, whereby various benefits such as the backup of important security policies or credentials, offline administration, immediate response, and monitoring, can be achieved. We also present a proof-of-concept implementation using Microsoft Active Directory.