If only I can trust my police! SIM : An agent-based audit solution of access right deployment through open network

Abstract

Dynamic and evolved environment make the Information Systems (IS), and consequently access rights to its components, always more complex to define and to manage. To bring up a contribution for improving that matter, our paperpsilas first objective is to realize the development of an automated deployment of policies from an administrative platform that encompasses business requirements down to infrastructurepsilas components and devices. This objective is achieved by adapting the XACML OASIS framework and by formalizing a protocol for information exchange through different components of a multi-agent system. The second paperpsilas objective aims at providing guaranties that defined and deployed access rights are continuously aligned with business requirements. This objective is completed by complementary developments that aim to perform a systematic and/or on-demand audit of the effective rights against the desired ones. This second objective is achieved by adding new functionality to the proposed agents architecture and by adapting the protocol accordingly. Practically, this research has been performed in the framework of the SIM project and has privileged free and open source components for the prototyping phase.