An Organization-Structure Oriented Access Control Model and It's Administration

An Organization-Structure Oriented Access Control Model and It's Administration

According to the hierarchical characteristic of real enterprise organization, an organization-structure oriented access control (OSOAC) policy is proposed. To formally describe the policy, the concept of organization domain is introduced and then the elements of access control are redefined. Based o...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Xiaolong Zhao, Yusen Zhang, Yingxun Zhu
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Administration
ANSI standards
Automation
Control system synthesis
Electronic commerce
Military equipment
NIST
Organization-structure
Permission
Programmable logic arrays
Role instance
Standards publication
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:According to the hierarchical characteristic of real enterprise organization, an organization-structure oriented access control (OSOAC) policy is proposed. To formally describe the policy, the concept of organization domain is introduced and then the elements of access control are redefined. Based on these elements, the core OSOAC model is formally defined. To assure that the administrative frame corresponds with real enterprise structure, the components of OSOAC model is decentralized administrated based on the OSOAC policy. Contrast to RBAC model, there are fewer roles and permission assignment relations in OSOAC model, which reduce the permission-management complexity in a large access control system.
DOI:10.1109/IEEC.2009.126