PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer ...PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC (Role-based Access control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is deseribed in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.展开更多
Information technology companies have grown in size and recognized the need to protect their valuable assets.As a result,each IT application has its authentication mechanism,and an employee needs a username and passwo...Information technology companies have grown in size and recognized the need to protect their valuable assets.As a result,each IT application has its authentication mechanism,and an employee needs a username and password.As the number of applications increased,as a result,it became increasingly complex to manage all identities like the number of usernames and passwords of an employee.All identities had to be retrieved by users.Both the identities and the access rights associated with those identities had to be protected by an administrator.Management couldn’t even capture such access rights because they couldn’t verify things like privacy and security.Identity management can help solve this problem.The concept behind identity management is to centralize identity management and manage access identity centrally rather than multiple applications with their authentication and authorization mechanisms.In this research work,we develop governance and an identity management framework for information and technology infrastructures with privileged access management,consisting of cybersecurity policies and strategies.The results show the efficiency of the framework compared to the existing information security components.The integrated identity and access management and privileged access management enable organizations to respond to incidents and facilitate compliance.It can automate use cases that manage privileged accounts in the real world.展开更多
基金Supported by the National Tenth Five-rear Planfor Scientific and Technological Development of China (413160501)the National Natural Science Foundation of China (50477038)
文摘PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC (Role-based Access control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is deseribed in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.
基金the Deanship of Scientific Research at Majmaah University for supporting this work under Project Number No.R-2021-150.
文摘Information technology companies have grown in size and recognized the need to protect their valuable assets.As a result,each IT application has its authentication mechanism,and an employee needs a username and password.As the number of applications increased,as a result,it became increasingly complex to manage all identities like the number of usernames and passwords of an employee.All identities had to be retrieved by users.Both the identities and the access rights associated with those identities had to be protected by an administrator.Management couldn’t even capture such access rights because they couldn’t verify things like privacy and security.Identity management can help solve this problem.The concept behind identity management is to centralize identity management and manage access identity centrally rather than multiple applications with their authentication and authorization mechanisms.In this research work,we develop governance and an identity management framework for information and technology infrastructures with privileged access management,consisting of cybersecurity policies and strategies.The results show the efficiency of the framework compared to the existing information security components.The integrated identity and access management and privileged access management enable organizations to respond to incidents and facilitate compliance.It can automate use cases that manage privileged accounts in the real world.
