DOI: 10.1145/1185448.1185569

Mobile-driven architecture for managing enterprise security policies

Published: 10 March 2006

Abstract

Authentication, access control, and audit (3As) are three fundamental mechanisms in enterprise security management for countering various types of looming threats from both insiders and outsiders. A variety of web-based or desktop systems implement those mechanisms, but few support the use of mobile devices in their security management. In this paper we present an approach to managing various types of enterprise security policies using mobile devices in order to effectively monitor and defend trusted domains. Specifically, we describe a security architecture for designing and implementing a mobile-enabled solution for enterprise security management, whereby various benefits such as the backup of important security policies or credentials, offline administration, immediate response, and monitoring can be achieved. We also present a proof-of-concept implementation using Microsoft Active Directory.

Cited By

  • (2021) Security Architecture Framework for Enterprises. Enterprise Information Systems (883-904). DOI: 10.1007/978-3-030-75418-1_40. Online publication date: 1-May-2021
  • (2011) An Organization-Driven Approach for Enterprise Security Development and Management. Proceedings of the 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement (208-215). DOI: 10.1109/SSIRI.2011.25. Online publication date: 27-Jun-2011

Published In

ACMSE '06: Proceedings of the 44th annual ACM Southeast Conference
March 2006
823 pages
ISBN: 1595933158
DOI: 10.1145/1185448
Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

1. access control
2. audit
3. authentication
4. enterprise security management
5. mobile solution
6. security policy

Qualifiers

• Article

Conference

ACM SE06: ACM Southeast Regional Conference
March 10 - 12, 2006
Florida, Melbourne

Acceptance Rates

ACMSE '06 Paper Acceptance Rate 100 of 244 submissions, 41%;
Overall Acceptance Rate 502 of 1,023 submissions, 49%
