Modeling Authorization in Enterprise-wide Contexts
2015 (English)In: PoEM-SDC 2015: Short and Doctoral Consortium Papers at PoEM 2015: Proceedings of Short and Doctoral Consortium Papers Presented at the 8th IFIP WG 8.1 Working Conference on the Practice of Enterprise Modelling (PoEM 2015) Valencia, Spain, November 10-12, 2015. / [ed] Sergio Espana, Jolita Ralyté, Pnina Soffer, Jelena Zdravkovic, Oscar Pastor, CEUR-WS , 2015, Vol. 1497, 81-90 p.Conference paper (Refereed)
Authorization and its enforcement, access control, has stood at the beginning of the art and science of information security, and remains being a crucial pillar of secure operation of IT. Dozens of different models of access control have been proposed. Although enterprise architecture as a discipline strives to support the management of IT, support for modeling authorization in enterprises is lacking, both in terms of supporting the variety of individual models nowadays used, and in terms of providing a unified metamodel capable of flexibly expressing configurations of all or most of the models. This study summarizes a number of existing models of access control, proposes an unified metamodel mapped to ArchiMate, and illustrates its use on a selection of simple cases.
Place, publisher, year, edition, pages
CEUR-WS , 2015. Vol. 1497, 81-90 p.
, CEUR Workshop Proceedings, ISSN 1613-0073
Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject Industrial Engineering and Management; Information and Communication Technology
IdentifiersURN: urn:nbn:se:kth:diva-177993ScopusID: 2-s2.0-84955257235OAI: oai:DiVA.org:kth-177993DiVA: diva2:875233
The 8th IFIP WG 8.1 working conference on the Practice of Enterprise Modeling (PoEM 2015).
FunderSweGRIDS - Swedish Centre for Smart Grids and Energy StorageSwedish Energy Agency
QC 201602052015-11-302015-11-302016-02-05Bibliographically approved