要是我能信任我的警察就好了!SIM:通过开放网络部署访问权限的基于代理的审计解决方案

2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI:10.1109/CRISIS.2008.4757467

Christophe Incoul, B. Gâteau, Jocelyn Aubert, Nicolas Bounoughaz, C. Feltus

{"title":"要是我能信任我的警察就好了!SIM:通过开放网络部署访问权限的基于代理的审计解决方案","authors":"Christophe Incoul, B. Gâteau, Jocelyn Aubert, Nicolas Bounoughaz, C. Feltus","doi":"10.1109/CRISIS.2008.4757467","DOIUrl":null,"url":null,"abstract":"Dynamic and evolved environment make the Information Systems (IS), and consequently access rights to its components, always more complex to define and to manage. To bring up a contribution for improving that matter, our paperpsilas first objective is to realize the development of an automated deployment of policies from an administrative platform that encompasses business requirements down to infrastructurepsilas components and devices. This objective is achieved by adapting the XACML OASIS framework and by formalizing a protocol for information exchange through different components of a multi-agent system. The second paperpsilas objective aims at providing guaranties that defined and deployed access rights are continuously aligned with business requirements. This objective is completed by complementary developments that aim to perform a systematic and/or on-demand audit of the effective rights against the desired ones. This second objective is achieved by adding new functionality to the proposed agents architecture and by adapting the protocol accordingly. Practically, this research has been performed in the framework of the SIM project and has privileged free and open source components for the prototyping phase.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"If only I can trust my police! SIM : An agent-based audit solution of access right deployment through open network\",\"authors\":\"Christophe Incoul, B. Gâteau, Jocelyn Aubert, Nicolas Bounoughaz, C. Feltus\",\"doi\":\"10.1109/CRISIS.2008.4757467\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Dynamic and evolved environment make the Information Systems (IS), and consequently access rights to its components, always more complex to define and to manage. To bring up a contribution for improving that matter, our paperpsilas first objective is to realize the development of an automated deployment of policies from an administrative platform that encompasses business requirements down to infrastructurepsilas components and devices. This objective is achieved by adapting the XACML OASIS framework and by formalizing a protocol for information exchange through different components of a multi-agent system. The second paperpsilas objective aims at providing guaranties that defined and deployed access rights are continuously aligned with business requirements. This objective is completed by complementary developments that aim to perform a systematic and/or on-demand audit of the effective rights against the desired ones. This second objective is achieved by adding new functionality to the proposed agents architecture and by adapting the protocol accordingly. Practically, this research has been performed in the framework of the SIM project and has privileged free and open source components for the prototyping phase.\",\"PeriodicalId\":346123,\"journal\":{\"name\":\"2008 Third International Conference on Risks and Security of Internet and Systems\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 Third International Conference on Risks and Security of Internet and Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CRISIS.2008.4757467\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Third International Conference on Risks and Security of Internet and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CRISIS.2008.4757467","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

动态和不断发展的环境使得信息系统(IS)及其组件的访问权限的定义和管理总是更加复杂。为了改进这一问题，本文的第一个目标是实现从包含业务需求到基础设施替代组件和设备的管理平台的策略自动部署的开发。通过调整XACML OASIS框架和通过多代理系统的不同组件进行信息交换的形式化协议，可以实现这一目标。第二篇论文的目标是保证定义和部署的访问权限始终与业务需求保持一致。这一目标是通过补充发展来完成的，这些发展旨在对有效权利和期望权利进行系统和/或按需审计。第二个目标是通过向提议的代理体系结构添加新功能并相应地调整协议来实现的。实际上，这项研究是在SIM项目的框架内进行的，并且在原型设计阶段享有免费和开源组件的特权。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

If only I can trust my police! SIM : An agent-based audit solution of access right deployment through open network

Dynamic and evolved environment make the Information Systems (IS), and consequently access rights to its components, always more complex to define and to manage. To bring up a contribution for improving that matter, our paperpsilas first objective is to realize the development of an automated deployment of policies from an administrative platform that encompasses business requirements down to infrastructurepsilas components and devices. This objective is achieved by adapting the XACML OASIS framework and by formalizing a protocol for information exchange through different components of a multi-agent system. The second paperpsilas objective aims at providing guaranties that defined and deployed access rights are continuously aligned with business requirements. This objective is completed by complementary developments that aim to perform a systematic and/or on-demand audit of the effective rights against the desired ones. This second objective is achieved by adding new functionality to the proposed agents architecture and by adapting the protocol accordingly. Practically, this research has been performed in the framework of the SIM project and has privileged free and open source components for the prototyping phase.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2008 Third International Conference on Risks and Security of Internet and Systems

自引率

0.00%

发文量