elaborating and verifying rbac policies conforming
play

Elaborating and Verifying RBAC Policies Conforming with CobiT - PowerPoint PPT Presentation

Sep 05, 2022 •151 likes •429 views

Third International Workshop on Requirements Engineering and Law (RELAW 10) - September 28 th 2010 Conceptualizing a Responsibility based Approach for Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements

  1. Third International Workshop on Requirements Engineering and Law (RELAW 10) - September 28 th 2010 Conceptualizing a Responsibility based Approach for Elaborating and Verifying RBAC Policies Conforming with CobiT Framework Requirements Christophe Feltus, Eric Dubois, Michaël Petit

  2. Motivation  The concept of role  Business role  Application role  Governance requirements

  3. Motivation  Our approach  The method that we target is a 2 steps approach

  4. Outlines  Presentation of the Responsibility meta-model  Mapping with CobiT  Mapping with RBAC  Example of assignment process  Conclusions and future works

  5. Presentation of the Responsibility meta- model  Elaboration of the meta-model A state assigned to en employee to signify him its obligation concerning a behavior, the accountability regarding this obligation, and the right necessary to perform it .

  6. Concept of obligation/accountability

  7. Concept of right

  8. Assignment/delegation process

  9. Outlines  Presentation of the Responsibility meta-model  Mapping with CobiT  Mapping with RBAC  Example of assignment process  Conclusions and future works

  10. Building the responsibilities  Responsibility in CobiT are represented using a RACI chart  AI6: Manage Change  Assess impact and prioritise changes based on business needs  Same rights and obligations to all employees ?  Need more precisions

  11. Collect of tasks  Responsibilities from CobiT  Instantiation with CobiT informations :  4 responsibilities, business role (from RACI) and tasks (partially)

  12. Responsibilities to tasks association  From CobiT:  From ITIL:  From the company:

  13. Responsibilities to tasks association  From CobiT: is the employee who gets the action done  From ITIL: is the employee, who provides direction and authorizes an action  From the company:

  14. Rights to tasks association  From CobiT:

  15. Rights to tasks association  From CobiT:

  16. Outlines  Presentation of the Responsibility meta-model  Mapping with CobiT  Mapping with RBAC  Example of assignment process  Conclusions and future works

  17. RBAC :  Role Based Access Control  To simplify the management of granting permissions to users  3 main elements :  User, Role and Permission  2 main functions :  User-role assignment (URA)  Permission-role assignment (PRA)

  18. Mapping responsibility to RBAC role  Business role from Cobit = RBAC concept of role ?  No, because : Cobit Role (or Business role): an employee assigned to that role is not obligatory assigned responsible for all the tasks of the activities.  If Business role = applictaion role, some employees receives to much permissions.

  19. Mapping responsibility to RBAC role  Employee is consulted during assignment process

  20. Mapping responsibility to RBAC role

  21. Outlines  Presentation of the Responsibility meta-model  Mapping with CobiT  Mapping with RBAC  Example of assignment process  Conclusions and future works

  22. Example of assignment process  Task : Prioritizing changes  That task corresponds to one responsibility of being responsible of activity Assess impact and prioritizing changes  Following RACI chart : that activity is assigned to the business roles : BPO, PMO, Head operation, Head development

  23. Example of assignment process  Suppose Bob one BPO identified by the CobiT manager  RBAC adminsitrator may assigned for that task:

  24. Outlines  Presentation of the Responsibility meta-model  Mapping with CobiT  Mapping with RBAC  Example of assignment process  Conclusions and future works

  25. Conclusions and future works  Business needs for a better alignement of the employees’ responsibility from the management frameworks down to the technical rules  Our approach is to use the responibility as a pivite between high layer requirements down to techical rules.  Step 1: Responsibility building :  Business Role, Activities, Tasks, and Rights  Responsibilities  Step 2 : Responsibility assignment :  Responsibilities, Employees, Commitment  Application roles assigned to users

  26. Conclusions and future works  The meta-model of responsibility is considered more or less stable  The method is theoretical and is exploited based on the Cobit framework  Apply it on other frameworks  Generalized the approach  Case study

  27. Thank you ! Questions ?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and Conformance Testing National Institute of Standards and Technology (301) 975-3346 jbarkley@nist.gov http://hissa.nist.gov/rbac/ ACTIVE PARTICIPANTS

635 views • 27 slides
Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun

Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun

Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun Salvacha Departamento de Ingeniera de Sistemas Telemticos ETS de Ingenieros de Telecomunicacin Universidad Politcnica de Madrid Access

146 views • 14 slides
Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani Elisa Bertino 19 th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS) Chicago, IL, USA November 4, 2011

482 views • 46 slides
Elaborating The Benefits of Higher Elaborating The Benefits of Higher Education in Wisconsin

Elaborating The Benefits of Higher Elaborating The Benefits of Higher Education in Wisconsin

Thriving in Coldwater: Elaborating The Benefits of Higher Elaborating The Benefits of Higher Education in Wisconsin Education in Wisconsin Invited Presentation and Discussion with Invited Presentation and Discussion with University of

340 views • 32 slides
1 Core RBAC (2) Core RBAC (3) UA USERS ROLES SESSIONS assigned_users : ( r :

1 Core RBAC (2) Core RBAC (3) UA USERS ROLES SESSIONS assigned_users : ( r :

Announcements CS590U Class mailing list Access Control: Theory and David Ferraiolo visit on Sep 16/17 Practice sign-up sheet to meet him after the class Proposal due Sep 30 (20% of grade) Lecture 5 (September 9 th ) Student

437 views • 6 slides
Elaborating the Framework for Various Approaches (FVA) Co-facilitators: Erika Hasznos,

Elaborating the Framework for Various Approaches (FVA) Co-facilitators: Erika Hasznos,

Elaborating the Framework for Various Approaches (FVA) Co-facilitators: Erika Hasznos, Chaiwat Munchareon Global Forum on Environment 19-20 March 2013 Climate Change Expert Group Emerging themes (1) Broad convergence that the FVA

838 views • 4 slides
Contextual Privacy Management in Extended RBAC Model Nabil Ajam, Nora Cuppens, Frdric

Contextual Privacy Management in Extended RBAC Model Nabil Ajam, Nora Cuppens, Frdric

Contextual Privacy Management in Extended RBAC Model Nabil Ajam, Nora Cuppens, Frdric Cuppens 24 september 2009 page 1 Workshop DPM Nabil Ajam Plan Introduction Motivation to use RBAC models Privacy requirements as OrBAC

461 views • 24 slides
Cryptanalysis of a Novel Authentication Protocol Conforming to EPC-C1G2 Standard Pedro

Cryptanalysis of a Novel Authentication Protocol Conforming to EPC-C1G2 Standard Pedro

Cryptanalysis of a Novel Authentication Protocol Conforming to EPC-C1G2 Standard Pedro Peris-Lopez, Julio Cesar Hernandez-Castro, Juan M. Estevez-Tapiador, and Arturo Ribagorda Computer Science Department, Carlos III University of Madrid {

451 views • 12 slides
Elaborating on best practise for traffic calming pedestrian crosswalks Lars Leden Charlotta

Elaborating on best practise for traffic calming pedestrian crosswalks Lars Leden Charlotta

Elaborating on best practise for traffic calming pedestrian crosswalks Lars Leden Charlotta Johansson Peter Rosander Per Grder Structure of presentation Meta analysis of Swedish and Israeli test studies Additional countermeasusures

225 views • 18 slides
- analysis of administrative barriers in foreign trade area; - elaborating and accepting

- analysis of administrative barriers in foreign trade area; - elaborating and accepting

1) 2006-2009 Preparing phase: - analysis of administrative barriers in foreign trade area; - elaborating and accepting legal acts to implantation the principle of Single window - Creating of the Government enterprise Single

307 views • 8 slides
Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of Computer Science University of Texas at Austin mihir@cs.utexas.edu 10 November, 2017 1/34 Outline Motivation and related work Our approach

681 views • 34 slides
Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of Computer Science University of Texas at Austin mihir@cs.utexas.edu 09 March, 2017 Overview 1. Why we need a verified filesystem 2. Our approach

514 views • 29 slides
Self- -Verifying Verifying Self Self-Verifying * * Dining Philosophers Dining Philosophers

Self- -Verifying Verifying Self Self-Verifying * * Dining Philosophers Dining Philosophers

Self- -Verifying Verifying Self Self-Verifying * * Dining Philosophers Dining Philosophers Dining Philosophers Peter Welch and Neil Brown Peter Welch and Neil Brown School of Computing, University of Kent, UK School of Computing,

675 views • 44 slides
A PHARMACISTS ROLE IN CARING FOR TRANSGENDER AND GENDER NON- CONFORMING PATIENTS J ES S IC

A PHARMACISTS ROLE IN CARING FOR TRANSGENDER AND GENDER NON- CONFORMING PATIENTS J ES S IC

10/3/2016 A PHARMACISTS ROLE IN CARING FOR TRANSGENDER AND GENDER NON- CONFORMING PATIENTS J ES S IC A C O N KLIN , P HA R M D , P HC , BC A C P , A A HIV P , C D E V IS ITIN G A S S IS TA N T P R O FES S O R P HA R M A C Y P R A

329 views • 18 slides
Small cryptographic bytecode D. J. Bernstein elaborating on an idea from Adam Langley 2

Small cryptographic bytecode D. J. Bernstein elaborating on an idea from Adam Langley 2

1 Small cryptographic bytecode D. J. Bernstein elaborating on an idea from Adam Langley 2 Line search: trying to find minimum of function f defined on x -line. e.g. Bisection, trying to find minimum in interval [ x 0 ; x 1 ]:

717 views • 55 slides
Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity Ilya

Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity Ilya

Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity Ilya Sergey Aleks Nanevski Anindya Banerjee ESOP 2015 A logic-based approach for Specifying and Verifying Concurrent Algorithms An

2.36k views • 186 slides
ALLEGHENY COUNTY May 9, 2008 What can you expect? In the next two hours An overview

ALLEGHENY COUNTY May 9, 2008 What can you expect? In the next two hours An overview

ALLEGHENY COUNTY May 9, 2008 What can you expect? In the next two hours An overview of the task force A video and verbal overview of our regions water-related problems Overview of southwestern Pennsylvanias current

844 views • 56 slides
NASS Remote Notarization Task Force Knowledge-Based Verification David Temoshok Applied

NASS Remote Notarization Task Force Knowledge-Based Verification David Temoshok Applied

NASS Remote Notarization Task Force Knowledge-Based Verification David Temoshok Applied Cybersecurity IT Laboratory National Institute of Standards and Technology (NIST) 2/23/2017 1 Todays Discussion NIST and Identity Management

405 views • 12 slides
Theme-based Curriculum and Task-based Activities: A Language Teachers Reflection Yan Zhao

Theme-based Curriculum and Task-based Activities: A Language Teachers Reflection Yan Zhao

Theme-based Curriculum and Task-based Activities: A Language Teachers Reflection Yan Zhao Introduction End of Course Project Dining in a Chinese Restaurant: StarTalk The Texas Teacher Program at University of Houston, Summer, 2012

551 views • 10 slides
5 Ways to Motivate Adult Learners 1. Create a Need 2. Create and Maintain Interest

5 Ways to Motivate Adult Learners 1. Create a Need 2. Create and Maintain Interest

Workshop Agenda Welcome to the workshop Division of large group into small groups based on teaching experience Table Introduction (Who are you? What do you do?) 5 ways to stay motivated as teachers 5 ways that squelch learners

341 views • 9 slides
Graduate School Task Force Stakeholder Presentation April 2020 Updated 4/6/20 1 GRADUATE AND

Graduate School Task Force Stakeholder Presentation April 2020 Updated 4/6/20 1 GRADUATE AND

Graduate School Task Force Stakeholder Presentation April 2020 Updated 4/6/20 1 GRADUATE AND PROFESSIONAL STUDIES Agenda Background Task Force charge and membership Timeline Graduate School Proposal Rationale

744 views • 20 slides
Keeping Dynamics GP Secure February 23, 2017 Charles Allen Senior Managing Consultant BKD

Keeping Dynamics GP Secure February 23, 2017 Charles Allen Senior Managing Consultant BKD

Keeping Dynamics GP Secure February 23, 2017 Charles Allen Senior Managing Consultant BKD Technologies callen@bkd.com To Receive CPE Credit Participate in entire webinar Answer attendance checks & polls when they are provided

288 views • 17 slides
HAYWARD COMMUNITY TASK FORCE MEETING Hayward City Hall 777 B Street, February 22, 2017 2 nd

HAYWARD COMMUNITY TASK FORCE MEETING Hayward City Hall 777 B Street, February 22, 2017 2 nd

HAYWARD COMMUNITY TASK FORCE MEETING Hayward City Hall 777 B Street, February 22, 2017 2 nd Floor, Room 2A 6:00 p.m. 8:00 p.m. Hayward, CA 94541 1 HAYWARD COMMUNITY TASK FORCE W ELCOME Mayor Barbara Halliday 2 HAYWARD COMMUNITY TASK

631 views • 27 slides
Project 2.9 Consolidating and aligning the audit of public debt with ISSAI 100 Cleotilde M.

Project 2.9 Consolidating and aligning the audit of public debt with ISSAI 100 Cleotilde M.

Project 2.9 Consolidating and aligning the audit of public debt with ISSAI 100 Cleotilde M. Tuazon Director IV Commission on Audit Republic of the Philippines Project 2.9 Terms of Reference Tasks Milestones 12 January 2019 10 July 2019 to

345 views • 10 slides

More recommend