{"title":"Managing trust between collaborating companies using outsourced role based access control","authors":"T. Hildmann, Jörg Barholdt","doi":"10.1145/319171.319181","DOIUrl":null,"url":null,"abstract":"In this document we describe an approach for modelling large organisations applying an RBAC-schema to control access to remote services of the organisation. The model is object-oriented, non-hierarchical and divides the organisation into different contexts (posts, groups, persons, services, resources) in which roles are defined local to that context. We explicitly address the problem of access controlling the policy information itself by using the same means as for external resources. Therefore, this approach enables policy information of each context to be managed by another person, namely the one responsible for that very resource context, and makes it superior over strict hierarchical models. The first version of our model was designed to manage the access in one defined organisation. This paper will show how this concept is expanded so that it can also be used for access control between collaborating companies. As an example we will show how an electronic market place can be modelled and each partner in that marketplace can manage access policies to his catalogues, prices, discount rules, orders, etc. 
on his own while the integrity of the whole marketplace is assured.","PeriodicalId":355233,"journal":{"name":"ACM Workshop on Role-Based Access Control","volume":"532 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Role-Based Access Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/319171.319181","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 17
Abstract
In this document we describe an approach for modelling large organisations applying an RBAC-schema to control access to remote services of the organisation. The model is object-oriented, non-hierarchical and divides the organisation into different contexts (posts, groups, persons, services, resources) in which roles are defined local to that context. We explicitly address the problem of access controlling the policy information itself by using the same means as for external resources. Therefore, this approach enables policy information of each context to be managed by another person, namely the one responsible for that very resource context, and makes it superior over strict hierarchical models. The first version of our model was designed to manage the access in one defined organisation. This paper will show how this concept is expanded so that it can also be used for access control between collaborating companies. As an example we will show how an electronic market place can be modelled and each partner in that marketplace can manage access policies to his catalogues, prices, discount rules, orders, etc. on his own while the integrity of the whole marketplace is assured.