{"title":"ATLAS实验中基于角色的访问控制","authors":"M. Leahu, M. Dobson, G. Avolio","doi":"10.1109/RTC.2007.4382738","DOIUrl":null,"url":null,"abstract":"The ATLAS experiment operates with a significant number of hardware and software resources. Their protection against misuse is an essential task to ensure a safe and optimal operation. To achieve this goal, the role based access control (RBAC) model has been chosen for its scalability, flexibility, ease of administration and usability from the lowest operating system level to the highest software application level. This paper presents the overall design of RBAC implementation in the ATLAS experiment and the enforcement solutions in different areas such as the system administration, control room desktops and the data acquisition software. The users and the roles are centrally managed using a directory service based on lightweight directory access protocol which is kept in synchronization with the human resources and IT databases.","PeriodicalId":217483,"journal":{"name":"2007 15th IEEE-NPSS Real-Time Conference","volume":"82 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Role Based Access Control in the ATLAS Experiment\",\"authors\":\"M. Leahu, M. Dobson, G. Avolio\",\"doi\":\"10.1109/RTC.2007.4382738\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The ATLAS experiment operates with a significant number of hardware and software resources. Their protection against misuse is an essential task to ensure a safe and optimal operation. To achieve this goal, the role based access control (RBAC) model has been chosen for its scalability, flexibility, ease of administration and usability from the lowest operating system level to the highest software application level. This paper presents the overall design of RBAC implementation in the ATLAS experiment and the enforcement solutions in different areas such as the system administration, control room desktops and the data acquisition software. The users and the roles are centrally managed using a directory service based on lightweight directory access protocol which is kept in synchronization with the human resources and IT databases.\",\"PeriodicalId\":217483,\"journal\":{\"name\":\"2007 15th IEEE-NPSS Real-Time Conference\",\"volume\":\"82 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-11-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 15th IEEE-NPSS Real-Time Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RTC.2007.4382738\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 15th IEEE-NPSS Real-Time Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RTC.2007.4382738","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The ATLAS experiment operates with a significant number of hardware and software resources. Their protection against misuse is an essential task to ensure a safe and optimal operation. To achieve this goal, the role based access control (RBAC) model has been chosen for its scalability, flexibility, ease of administration and usability from the lowest operating system level to the highest software application level. This paper presents the overall design of RBAC implementation in the ATLAS experiment and the enforcement solutions in different areas such as the system administration, control room desktops and the data acquisition software. The users and the roles are centrally managed using a directory service based on lightweight directory access protocol which is kept in synchronization with the human resources and IT databases.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
