Deriving current state RBAC models from event logs

Anne Baumgraß

Publikation: Beitrag in Buch/KonferenzbandBeitrag in Konferenzband

Abstract

Process-aware information systems are used to execute business processes to reach the operational goals of an organization. In this context, access control policies are defined to govern the choice in behavior of such systems. In a role engineering process these access control policies can be defined and customized. This paper introduces a new automated approach to derive current state access control policies from event logs extracted from process-aware information systems. For this purpose, the two standard formats for event logs called MXML and XES are used. It is demonstrated how this derivation can ease certain steps in the scenario-driven role engineering process, that are otherwise time-consuming and can get tedious if conducted manually.
OriginalspracheEnglisch
Titel des Sammelwerks2011 Sixth International Conference on Availability, Reliability and Security
Herausgeber*innen IEEE
ErscheinungsortVienna
VerlagIEEE Computer Society Press
Seiten667 - 672
PublikationsstatusVeröffentlicht - 1 Dez. 2011

Zitat