Back to Search Start Over

Modeling Enterprise Authorization: A Unified Metamodel and Initial Validation

Authors :
Matus Korman
Robert Lagerström
Mathias Ekstedt
Source :
Complex Systems Informatics and Modeling Quarterly, Vol 0, Iss 7, Pp 1-24 (2016)
Publication Year :
2016
Publisher :
Riga Technical University, 2016.

Abstract

Authorization and its enforcement, access control, have stood at the beginning of the art and science of information security, and remain being crucial pillar of security in the information technology (IT) and enterprises operations. Dozens of different models of access control have been proposed. Although Enterprise Architecture as the discipline strives to support the management of IT, support for modeling access policies in enterprises is often lacking, both in terms of supporting the variety of individual models of access control nowadays used, and in terms of providing a unified ontology capable of flexibly expressing access policies for all or the most of the models. This study summarizes a number of existing models of access control, proposes a unified metamodel mapped to ArchiMate, and illustrates its use on a selection of example scenarios and two business cases.

Subjects

Subjects :
Access control
authorization
enterprise architecture
EA modeling
Information technology
T58.5-58.64

Details

Language :
English
ISSN :
22559922
Issue :
7
Database :
Directory of Open Access Journals
Journal :
Complex Systems Informatics and Modeling Quarterly
Publication Type :
Academic Journal
Accession number :
edsdoj.058babd2ece14e1b998c7460de00a0d0
Document Type :
article
Full Text :
https://doi.org/10.7250/csimq.2016-7.01
Full Text Access
View/download PDF

Tools

Authors Abstract Subjects Details