{"title":"网络空间中的工程权威和信任:OM-AM和RBAC方式","authors":"R. Sandhu","doi":"10.1145/344287.344309","DOIUrl":null,"url":null,"abstract":"Information systems of the future will be large-scale, highly decentralized, pervasive, span organizational boundaries and evolve rapidly. Effective security in this cyberspace will require engineering authority and trust retationships across organizations and individuals. In this paper we propose the four-layer OM-AM framework for this purpose. OM-AM comprises objective, model, architecture and mechanism layers in this sequence. The objective and model (OM) layers articulate whatthe security objective and tradeoffs are, while the architecture and mechanism (AM) layers address howto meet these requirements. The hyphen in OM-AM emphasizes the shift from what to how. These layers are roughly analogous to a network protocol stack with a many-to-many relationship between successive layers, and most certainly do not imply a top-down waterfall-style software engineering process. OM-AM is an excellent match to the policy-neutral and flexible nature of role-based access control (RBAC). This paper describes and motivates the OM-AM framework and presents a case study in applying it in a distributed RBAC application.","PeriodicalId":355233,"journal":{"name":"ACM Workshop on Role-Based Access Control","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2000-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"77","resultStr":"{\"title\":\"Engineering authority and trust in cyberspace: the OM-AM and RBAC way\",\"authors\":\"R. Sandhu\",\"doi\":\"10.1145/344287.344309\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information systems of the future will be large-scale, highly decentralized, pervasive, span organizational boundaries and evolve rapidly. Effective security in this cyberspace will require engineering authority and trust retationships across organizations and individuals. In this paper we propose the four-layer OM-AM framework for this purpose. OM-AM comprises objective, model, architecture and mechanism layers in this sequence. The objective and model (OM) layers articulate whatthe security objective and tradeoffs are, while the architecture and mechanism (AM) layers address howto meet these requirements. The hyphen in OM-AM emphasizes the shift from what to how. These layers are roughly analogous to a network protocol stack with a many-to-many relationship between successive layers, and most certainly do not imply a top-down waterfall-style software engineering process. OM-AM is an excellent match to the policy-neutral and flexible nature of role-based access control (RBAC). This paper describes and motivates the OM-AM framework and presents a case study in applying it in a distributed RBAC application.\",\"PeriodicalId\":355233,\"journal\":{\"name\":\"ACM Workshop on Role-Based Access Control\",\"volume\":\"41 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2000-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"77\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Workshop on Role-Based Access Control\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/344287.344309\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Role-Based Access Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/344287.344309","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
Information systems of the future will be large-scale, highly decentralized, pervasive, span organizational boundaries and evolve rapidly. Effective security in this cyberspace will require engineering authority and trust retationships across organizations and individuals. In this paper we propose the four-layer OM-AM framework for this purpose. OM-AM comprises objective, model, architecture and mechanism layers in this sequence. The objective and model (OM) layers articulate whatthe security objective and tradeoffs are, while the architecture and mechanism (AM) layers address howto meet these requirements. The hyphen in OM-AM emphasizes the shift from what to how. These layers are roughly analogous to a network protocol stack with a many-to-many relationship between successive layers, and most certainly do not imply a top-down waterfall-style software engineering process. OM-AM is an excellent match to the policy-neutral and flexible nature of role-based access control (RBAC). This paper describes and motivates the OM-AM framework and presents a case study in applying it in a distributed RBAC application.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
