標題: | Rules markup for automatic deployment of information security policies |
作者: | Hwang, JJ Cheng, CW 資訊管理與財務金融系 註:原資管所+財金所 Department of Information Management and Finance |
關鍵字: | access control;role-based access control;access control information;extensible markup language |
公開日期: | 2001 |
摘要: | Information security policies define directive principles for information security management. These policies must be implemented in access control models. Role-Based Access Control (RBAC) is a paradigm, with which security policies can be developed from the perspectives of executive officers. Because "role" is tile core part of organizational dynamics, RBAC can provide a vision of adaptive information security management. In organizations, rights are assigned to proper roles and users (employees) are assigned responsibilities of certain roles. With the RBAC model, the function of information and network security can be managed in a flexible way, and better meet tile needs of doing business. XML (eXtensible Markup Language) offers a standard mean for information exchange, and must also be applicable to the exchange of definitions and contents of ACl for distributed applications. In this paper, we propose a classification of rules, which are the base of setting information policies. We also provide two sets of languages in XML: AML (Authorization Markup Language) to formulate these rules, and AUCL (AUthorization Code Language) to express access control information. |
URI: | http://hdl.handle.net/11536/19134 |
ISBN: | 980-07-7541-2 |
期刊: | WORLD MULTICONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL 1, PROCEEDINGS: INFORMATION SYSTEMS DEVELOPMENT |
起始頁: | 44 |
結束頁: | 49 |
Appears in Collections: | Conferences Paper |