A model for checking consistency in access control policies for network management

被引：3

作者：

Cridlig, Vincent ^{[1
]}

State, Radu ^{[1
]}

Festor, Olivier ^{[1
]}

机构：

[1] LORIA INRIA Lorraine, 615 Rue Jardin Bot, F-54602 Villers Les Nancy, France

来源：

2007 10TH IFIP/IEEE INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT (IM 2009), VOLS 1 AND 2 | 2007年

关键词：

D O I：

10.1109/INM.2007.374765

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

This paper addresses the consistency of heterogeneous device access control in the network management area. It addresses well-know network management frameworks like SNMP (v3), CLI, Netconf and the lesser known TR-069 proposed in the framework of ADSL operators. For each of these, a formal definition of the access control model is proposed as well as the conversion towards a unified Role-Based Access Control model. Next, we show how to compare roles and permissions between the generated access control policies and to answer to questions like: which policy is more permissive, what are the common privileges between a set of roles?.

引用

页码：11 / +

页数：2