EOrBAC-Based Active Directory Management


A corporate network consists of many individual network security components; firewalls, Active Directory, and IDS are some examples. Each network security component has its own high-level security policy, which is translated into low-level security mechanisms. The wide gap between the high-level and low-level representations of security policy makes enforcing the high-level policy difficult; consistency, verification, and maintenance are the major difficulties. One approach to overcoming them is to express the security policy at an intermediate level and then automate the translation of the intermediate-level policy into low-level security mechanisms. The Extended Organization Based Access Control (EOrBAC) model is a valuable step towards introducing this intermediate level. One of the major advantages of EOrBAC is its ability to model most network security components. This paper extends the work on EOrBAC by applying its concepts to the Active Directory network security component. An EOrBAC-based network security management toolkit is also developed to realize this approach.

  • ICACTE 2009 Session 2
  • Abstract
  • Introduction
  • Toolkit Hierarchical Design
  • Active Directory Security Policy Modeling
  • Conclusions
  • References
