Abstract | ||
---|---|---|
Role-Based Access Control (RBAC) has been a popular solution for securing information systems for more than two decades. The cloud computing model offers a cost effective alternative for large distributed organizations while presenting unique security challenges. This is an important concern for organizations who have significant investments in large RBAC implementations where hundreds of roles have been engineered to realize security policy and safeguard information assets. In this work, we demonstrate the general applicability of ORGODEX, validating this new alternative for engineering scalable access control solutions in the context of cloud computing. Assuming the duties of a Project Manager and Security Architect, we use the ORGODEX model and methodology to collaboratively analyze roles, information, responsibilities and constraints within a multi-disciplinary project team. Next, we realize the deployment of a new shared software solution for two geographically distributed partner institutions. Finally, we publicize results in a comprehensible role and responsibility matrix, thereby facilitating the ongoing maintenance of both the software and authorization service models. |
Year | DOI | Venue |
---|---|---|
2018 | 10.1109/SYSCON.2018.8369532 | 2018 Annual IEEE International Systems Conference (SysCon) |
Keywords | Field | DocType |
Security Models for Cloud Computing,Access Control in Collaboration Environments,Role Based Access Control,Scalability,Complexity,Least privilege | Information system,Computer science,Engineering management,Asset (computer security),Role-based access control,Project team,Project manager,Access control,Security policy,Cloud computing | Conference |
ISBN | Citations | PageRank |
978-1-5386-3665-7 | 0 | 0.34 |
References | Authors | |
26 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Aaron Elliott | 1 | 16 | 2.97 |
Scott Knight | 2 | 1 | 1.13 |