A model for checking consistency in access control policies for network management

Radu State 1 Vincent Cridlig 1 Olivier Festor 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : This paper addresses the consistency of initially heterogeneous access control policies in the network management area. It addresses the well-know network management frameworks like SNMP (v3), CLI, Netconf and the lesser known TR-069 proposed in the framework of ADSL operators. For each of these, a formal definition of the access control model is proposed as well as the conversion towards a unified Role-Based Access Control model. Next, we show how to compare roles and permissions between the generated access control policies and to answer to questions like: which policy is more permissive, what are the common privileges between a set of roles ?
Type de document :
Communication dans un congrès
IEEE. 10th IFIP/IEEE International Symposium on Integrated Management (IM 2007), May 2007, Munich, Germany. IEEE, 2007
Liste complète des métadonnées

https://hal.inria.fr/inria-00172054
Contributeur : Radu State <>
Soumis le : jeudi 13 septembre 2007 - 23:41:29
Dernière modification le : jeudi 11 janvier 2018 - 06:19:50

Identifiants

  • HAL Id : inria-00172054, version 1

Collections

Citation

Radu State, Vincent Cridlig, Olivier Festor. A model for checking consistency in access control policies for network management. IEEE. 10th IFIP/IEEE International Symposium on Integrated Management (IM 2007), May 2007, Munich, Germany. IEEE, 2007. 〈inria-00172054〉

Partager

Métriques

Consultations de la notice

150