Segurança Multilateral e RBAC para Gerência de Contabilidade em Sistema Distribuídos
Resumo
Este trabalho de pesquisa tem como objetivo propor um modelo que permita responder as questões de segurança em um ambiente de Sistemas Distribuídos. Este modelo de segurança está principalmente relacionado com o gerenciamento de contabilidade em tempo real para múltiplos usuários e múltiplos provedores, onde os aspectos de segurança estão relacionados às políticas e mecanismos propostos pelos modelos de Segurança Multilateral e RBAC (Role-Based Access Control). O modelo foi validado através do uso da técnica de descrição formal LOTOS e também pela implementação de um protótipo.
Referências
Abarca, C.; et al. (1997) Network Resource Architecture. V. 3.0, TINA-C, [http://www.tinac.com], 1997.
Agarwal, V.; et al. (2004) An Information Model for Metering and Accounting. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Alvarez, L. M. C.; et. al.(2001) Development of a prototype based on TINA Accounting and Security Management Architecture. XXI International Conference of the Chilean Society of Computer Science. SCCC 2001, IEEE CS Press. Punta Arenas - Chile, Novembro, 2001. Págs. 50-57.
Alvarez, L. M. C. (2004) Modelo de Segurança Multilateral e RBAC em um Ambiente de Serviço no Contexto de Gerenciamento de Contabilidade TINA. Tese de Doutorado em Ciências da Computação-UFSC. Florianópolis, Agosto 2004.
Brinksma, E. (1988) A Tutorial on LOTOS. ISO 8807 Information Processing Systems - Open System Interconnection - LOTOS. A formal description technique on the temporal ordering of observational behaviour, 1988.
Farley, P.; et al. (1998) Ret Reference Point Specification. V.1.0, TINA-C, [http://www.tinac.com], 1998.
Ferraiolo, D. F.; et al. (1999) A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet. NIST - National Institute of Standards and Technology. 1999.
Garavel, H. (2004) CADP(CAESAR/ALDEBARAN DEVELOPMENT PACKAGE): A Software Engineering Toolbox for Protocol and Distributed Systems - Version 2003-e. INRIA/VASY. Grenoble, França, 2004. http://www.inrialpes.fr/vasy/cadp.
Hamada, T.; et al. (1996) Accounting Management Architecture. TINA-C, [http://www.tinac.com], 1996.
Hamada, T. (1998) Role-Based Access Control in Telecommunication Service Management - Dynamic Role Creation and Management in TINA Service Environment. In: Proceeding of the Third ACM Workshop on Role-Based Access Control, Outubro 1998, USA. Págs. 105 - 113.
Hamada, T.; et al. (2004) Peer-to-Perr Traffic in Metro Networks: Analysis, Modeling, and Policies. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Hwang, J., et al. (2004) Transaction Management for Sender/Receiver - Payment Schemes in Charging and Accounting Systems for Interconnected Networks. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Jansen, W. A. (1998) A Revised Model for Role-Based Access Control. NIST 6192, 1998.
Kelley, D. (2004) Security Management Convergence via SIM (Security Information Management) - A Requirements Perspective. Journal of Network and Systems Management, Vol. 12 - Report, No. 1, Março 2004. págs. 137 - 144.
Koutepas, G.; et al. (2004) Distributed Management Architecture for Cooperative Detection and Reaction to DdoS Attacks. Journal of Network and Systems Management, Vol. 12, No. 1, Março 2004. págs. 73 - 94.
Kristiansen, L.; et al. (1997) TINA Service Architecture 5.0. TINA-C, [http://www.tinac.com], 1997.
Le, M. Van, et al. (2002) Formal Modeling of Service Session Management. IFIP/IEEE International Conference on Management of Multimedia Networks and Services, MMNS 2002. Santa Bárbara - USA, 2002. Págs. 36 - 48.
Le, M. Van, et al. (2004) A Service Component - Based Accounting and Charging Architecture to Support Interim Mechanism across Múltiple Domains. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Manpaey, M. and Couturier, A. (2000) Using TINA Concepts for IN Evolution. In: IEEE Communications Magazine, Junho 2000. págs 94 - 99.
Mulder, H.; et al. (1997) TINA Business Model and Reference Points. TINA-C, [http://www.tinac.com], 1997
Pfitzmann, A.; et al. (2002) Striking a Balance between Cyber-Crime Prevention and Privacy. IPTS - Institute for Prospective Technological Studies. Report vol. 57, 2002.
Pilz A. (2004) "Policy-Maker": a Toolkit for Policy-Based Security Management. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Sekkaki, A.; et al. (2001) Development of a Prototype Based on TINA Accounting Management Architecture. In: IFIP/IEEE International Simposium on Integrated Network Management, 2001. V.1. Págs. 100-120.
Thaler, D. G. e Ravishankar, Ch. V. (2004) An Architecture for Inter - Domain Troubleshooting. Journal of Network and Systems Management, Vol. 12, No. 1, Março 2004. págs. 155 - 189.
Vissers, C. A.; Scollo, G.; Sinderen, M. V. (1988) Architecture and Specification Style in Formal Descriptions of Distributed Systems. University of Twente. The Netherlands, 1988.
Westphall, C. B.; et. al. (2003) Extending TINA with Secure On-Line Accounting Services. Journal of Network and Systems Management. Plenum Publishing Corporation. Meddletown, USA (2003, Vol.11 , No. 4), 2003. Págs. 379 - 397.
Agarwal, V.; et al. (2004) An Information Model for Metering and Accounting. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Alvarez, L. M. C.; et. al.(2001) Development of a prototype based on TINA Accounting and Security Management Architecture. XXI International Conference of the Chilean Society of Computer Science. SCCC 2001, IEEE CS Press. Punta Arenas - Chile, Novembro, 2001. Págs. 50-57.
Alvarez, L. M. C. (2004) Modelo de Segurança Multilateral e RBAC em um Ambiente de Serviço no Contexto de Gerenciamento de Contabilidade TINA. Tese de Doutorado em Ciências da Computação-UFSC. Florianópolis, Agosto 2004.
Brinksma, E. (1988) A Tutorial on LOTOS. ISO 8807 Information Processing Systems - Open System Interconnection - LOTOS. A formal description technique on the temporal ordering of observational behaviour, 1988.
Farley, P.; et al. (1998) Ret Reference Point Specification. V.1.0, TINA-C, [http://www.tinac.com], 1998.
Ferraiolo, D. F.; et al. (1999) A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet. NIST - National Institute of Standards and Technology. 1999.
Garavel, H. (2004) CADP(CAESAR/ALDEBARAN DEVELOPMENT PACKAGE): A Software Engineering Toolbox for Protocol and Distributed Systems - Version 2003-e. INRIA/VASY. Grenoble, França, 2004. http://www.inrialpes.fr/vasy/cadp.
Hamada, T.; et al. (1996) Accounting Management Architecture. TINA-C, [http://www.tinac.com], 1996.
Hamada, T. (1998) Role-Based Access Control in Telecommunication Service Management - Dynamic Role Creation and Management in TINA Service Environment. In: Proceeding of the Third ACM Workshop on Role-Based Access Control, Outubro 1998, USA. Págs. 105 - 113.
Hamada, T.; et al. (2004) Peer-to-Perr Traffic in Metro Networks: Analysis, Modeling, and Policies. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Hwang, J., et al. (2004) Transaction Management for Sender/Receiver - Payment Schemes in Charging and Accounting Systems for Interconnected Networks. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Jansen, W. A. (1998) A Revised Model for Role-Based Access Control. NIST 6192, 1998.
Kelley, D. (2004) Security Management Convergence via SIM (Security Information Management) - A Requirements Perspective. Journal of Network and Systems Management, Vol. 12 - Report, No. 1, Março 2004. págs. 137 - 144.
Koutepas, G.; et al. (2004) Distributed Management Architecture for Cooperative Detection and Reaction to DdoS Attacks. Journal of Network and Systems Management, Vol. 12, No. 1, Março 2004. págs. 73 - 94.
Kristiansen, L.; et al. (1997) TINA Service Architecture 5.0. TINA-C, [http://www.tinac.com], 1997.
Le, M. Van, et al. (2002) Formal Modeling of Service Session Management. IFIP/IEEE International Conference on Management of Multimedia Networks and Services, MMNS 2002. Santa Bárbara - USA, 2002. Págs. 36 - 48.
Le, M. Van, et al. (2004) A Service Component - Based Accounting and Charging Architecture to Support Interim Mechanism across Múltiple Domains. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Manpaey, M. and Couturier, A. (2000) Using TINA Concepts for IN Evolution. In: IEEE Communications Magazine, Junho 2000. págs 94 - 99.
Mulder, H.; et al. (1997) TINA Business Model and Reference Points. TINA-C, [http://www.tinac.com], 1997
Pfitzmann, A.; et al. (2002) Striking a Balance between Cyber-Crime Prevention and Privacy. IPTS - Institute for Prospective Technological Studies. Report vol. 57, 2002.
Pilz A. (2004) "Policy-Maker": a Toolkit for Policy-Based Security Management. 2004 IEEE/IFIP Network Operations&Management Symposium. NOMS 2004. COEX Convention Center Seoul, Korea. 19 - 23 April 2004.
Sekkaki, A.; et al. (2001) Development of a Prototype Based on TINA Accounting Management Architecture. In: IFIP/IEEE International Simposium on Integrated Network Management, 2001. V.1. Págs. 100-120.
Thaler, D. G. e Ravishankar, Ch. V. (2004) An Architecture for Inter - Domain Troubleshooting. Journal of Network and Systems Management, Vol. 12, No. 1, Março 2004. págs. 155 - 189.
Vissers, C. A.; Scollo, G.; Sinderen, M. V. (1988) Architecture and Specification Style in Formal Descriptions of Distributed Systems. University of Twente. The Netherlands, 1988.
Westphall, C. B.; et. al. (2003) Extending TINA with Secure On-Line Accounting Services. Journal of Network and Systems Management. Plenum Publishing Corporation. Meddletown, USA (2003, Vol.11 , No. 4), 2003. Págs. 379 - 397.
Publicado
26/09/2005
Como Citar
ALVAREZ, Luis Marco Cáceres; WESTPHALL, Carlos Becker; WESTPHALL, Carla Merkle.
Segurança Multilateral e RBAC para Gerência de Contabilidade em Sistema Distribuídos. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 5. , 2005, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2005
.
p. 216-230.
DOI: https://doi.org/10.5753/sbseg.2005.21534.
