0 Bewertungen0% fanden dieses Dokument nützlich (0 Abstimmungen)
82 Ansichten25 Seiten
Presentation of "Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for Access Rights Management" at SIN CONF 2012 conference, Jaipur, India
Originaltitel
Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for Access Rights Management
Presentation of "Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for Access Rights Management" at SIN CONF 2012 conference, Jaipur, India
Presentation of "Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for Access Rights Management" at SIN CONF 2012 conference, Jaipur, India
Responsibility Modeling Language for Access Rights
Management Christophe Feltus, Eric Dubois, Erik Proper Iver Band, Michal Petit christophe.feltus@tudor.lu
5 th International Conference on Security of Information and Networks (SIN 2012) 22-27 October 2012, Jaipur, India
Plan of the presentation ArchiMate and access rights
Responsibility modelling
Integration of Responsibility in ArchiMate
Access rights management implemented with EAM
Case study in Hospital
ArchiMate metamodel and the access rights 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 3 ArchiMate metamodel
ArchiMate allows engineering the access right management and this management may be represented by ArchiMate
But we have seen in practice that providing access right to business role, in small companies, is not enough precise. Connection between business role and permission is in practice not automatically true.
(1) Analyze and model the responsibility. (2) Integrate the responsibility in ArchiMate
Responsibility analyze and model 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 4 The responsibility is a charge assigned to an employee to signify his accountabilities concerning a business task, and the right and capacity required to perform those accountabilities.
The accountability represents the obligation of what have to be done concerning a business task and the justification that it is done to someone else, under threat of sanction
The capability represents the qualities, the skills or the resources intrinsic to the employee and required to perform accountability.
The right represents the resources provided by the company to the employee and required to perform accountability.
The assignment is the action of linking an agent to a responsibility. Delegation process is the transfer of an agents responsibility assignment to another agent.
Integrate the responsibility in ArchiMate 16/06/2014 5 Integration of 2 metamodels [Petit] 3 steps approach: 1. Preparation for integration 2. Investigation and definition of the correspondences 3. Integration of both models
[Petit] M. Petit. Some methodological clues for defining a unified enterprise modelling language. ICEIMT '01, pages 359-369, Deventer, The Netherlands, 2003 2. The business role and the business process/function /interaction
3. The business object and the business process/function /interaction
The integration has allowed improving the connection between: 1. The business actor and the business role
Access right management modelling with ArchiMate
access right management (RBAC model) is a process that may also be modelled with EAM
Implementing RBAC using ArchiMate previous work 16/06/2014 7 Previous work [Band] 1. The data object Users corresponds to the Business Actor 2. The data object Roles Corresponds to the Business Role 3. The data object Permissions corresponds to the access to data object
[Band] I. Band, Modeling RBAC with SABSA, TOGAF and ArchiMate, Creating a Foundation for Understanding and Action, Open Group Conference, Austin, Texas, 2011
7 Business Actor Business object
Business Role Business process / function / interaction Business Role = (RBAC) Role at the application layer
Implementing RBAC-Responsibility in ArchiMate 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 8 Based on our Responsibility metamodel, we have 2 possible assignments: (1) Business actor to responsibility (2) Business actor to Business role
At the application layer, the 3 business concepts are represented through application objects
To manage the assignment of access rights to business actor, we also consider the employees responsibilities and we define a permission object at the application layer.
Access rights with ArchiMate/Responsibility 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 9 At the application layer, 3 application objects are created: - Business role application object - Business actor application object - Responsibility application object And 4 application functions: - Compose Bus.Roles with Respons. - Assign Bus.Actors to Bus.Roles - Assign Bus.Actors to Respons. - Assign Permissions to Respons.
Access rights with ArchiMate/Responsibility 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 10 At the application layer, 3 application objects are created: - Business role application object - Business actor application object - Responsibility application object And 4 application functions: - Compose Bus.Roles with Respons. - Assign Bus.Actors to Bus.Roles - Assign Bus.Actors to Respons. - Assign Permissions to Respons.
Optimization of the assignment 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 11 In practice: large amount of permissions to roles assignment
At this application layer, in order to optimize the access right management, we have introduced: an application Role data object 2 application functions. CASE STUDY AT THE HOSPITAL
Context of the case study One of the main Luxembourg hospitals, more than 2000 employees, 600 beds, 27000 patients in 2011 + high security requirements such as the confidentiality
Specialized in : serious pathologies, emergency and intensive care.
Problem: No formal alignment between: - the application layer where employees are provisioned with access rights - the business layer where business roles are assigned to the employees
Objective of the case study is to illustrate: (1) the integrated ArchiMate with Responsibility at the business layer, and (2) the enhancement of the provisioning of access rights to the employees. 16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 13 What we have done The case study is illustrated with the reception department from the hospital.
The case study has been conducted between January 2011 and January 2012, to the rhythm of one meeting a month.
During those meetings, the following persons have participated: the Application support manager, the Reception department manager and the Competences manager.
The steps of the case study are the following : 1. Analyse of the Business roles 2. Analyse of the Application roles 3. Analyse of the Responsibilities
16/06/2014 5 th International Conference on Security of Information and Networks (SIN 2012) 14 Business roles Employees are categorized based on their roles defined in the Job description
The job descriptions describe the tasks to be performed by a role, as well as the necessary knowledge required to be assigned to this role.
The job descriptions, however, do not specify the access rights required on professional software
An organization chart for the reception department structures the activities into eight Business sub-roles: SR1: Receptionist at the municipal hospital. SR2: Receptionist at the pediatric clinic and the maternity SR3: Phone reception SR4: Info desk SR5: Human resources management SR6: Department management SR7: Room operator SR8: Outsourced guardian
16/06/2014 15 5 th International Conference on Security of Information and Networks (SIN 2012) Business roles
For instance : The job description of the receptionist sub-role formalizes the five main activities to be performed by this role:
- Welcome and inform the patient, - Perform the various technical and administrative tasks, encode and control the data relating to the admission of ambulatory or hospital patients, print and give the admission form to the patients, manage daily access to the parking, receive deposits, issue invoices, - Contribute to the enhancement and evolution of professional practices, - Train and mentor new employees, - Train and supervise trainees.
16/06/2014 16 5 th International Conference on Security of Information and Networks (SIN 2012) Application roles ? Software architecture Vertical software are applications which are used by well defined and well specified healthcare businesses. Eg.: management of the laboratory, endoscopy software, management of the polyclinic.
Transversal software are those used together by all healthcare businesses. Eg.: the dispatching of the laboratory's results or the medical imaging.
16/06/2014 Enhancing the ArchiMate Standard with a Responsibility Modeling Language for Access Rights Management 17 Application roles Software architecture With the ERP, the access right management is realized using AuthorityObject.
AuthorityObject is composed of zone(s) from 1 to n based on what authority check is performed.
Practically, AuthorityObject corresponds to ERP transactions and for each transaction, a set of authorizations are defined such as create, modify, delete, view historic, and so forth.
16/06/2014 18 ERP transaction Application role 5 th International Conference on Security of Information and Networks (SIN 2012) Application roles Software architecture 5 Functional_roles are:
1. Patient's basic data encoding, that means Add or create, modify, display, delete patient's basic data and entry, transfer or leaving data related to the patient 2. Entry, transfer or leaving patient's data encoding 3. Management of the beds status at the hospital 4. Medical delivery encoding 5. Patient invoices creation and modification
1 Reference_user (REFRECEP) sum of Functional_roles 1 3
16/06/2014 19 5 th International Conference on Security of Information and Networks (SIN 2012) ID Responsibility Required Access Right Compose Sub- Roles 1 Perform the entry record Add or create, modify, display, delete patients basic data and entry, transfer, or leave data related to the patient SR1, SR2, SR5 2 Perform the transfer management Display entry, transfer or leave data related to the patient and all rights related to the statistic software SR1,SR2, SR5 3 Perform the beds status management All rights related to the beds status management SR1,SR2, SR5 4 Perform equipment ordering All rights related to the equipment ordering software SR8 5 Perform the medical encoding for billing All right related to the medical delivery encoding SR2 6 Perform the creation and de modification of patient invoices (billing) All rights related to the patient invoices creation and modification SR2 7 Inform about the beds status Display rights related to the beds status SR1, SR2, SR3, SR4 8 Perform the realization of work plans Read and write access to the Excel file: Timetable planning SR5 9 Perform the control of the monthly worksheets Read and write access to the Excel file: Timetable planning SR5 10 Perform the management of HR indicators: Overtime, Days off, Hours of recovery Read and write access to the Excel file: Timetable planning SR5 11 Perform the management of the room Read access related to the room agenda in Groupwise multi- users SR7 12 Perform the verification of the infrastructure Write access to the reporting software SR8 13 Fix defective infrastructure All rights related to equipment ordering software SR8 14 Perform the management of the receptionists All the rights provided to the sub-roles SR1, SR2, SR3, SR4, SR5, SR7 and SR8 SR6 15 Inform about the doctor on duty Rights to read the doctors on duty planning SR3 16 Perform the statistical analysis to follow up the daily business All rights related to the statistical software SR5, SR7 Responsibility to sub_Role to access rights Existing mapping: Application roles to Business sub_Role SR1: REFRECEP, all rights related to equipment ordering software SR2: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software SR3: REFRECEP, all rights related to equipment ordering software, right to read the planning of doctors on duty SR4: REFRECEP, all rights related to equipment ordering software SR5: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software, read and write access to the Excel file: Timetable planning SR6: All rights provided to the other sub-roles SR7: Read access related to the room agenda in GroupWise multi-users, read access to the ticketing tool. SR8: Write access to the reporting software, all rights related to equipment ordering software
16/06/2014 21 5 th International Conference on Security of Information and Networks (SIN 2012) SR1: REFRECEP, all rights related to equipment ordering software SR2: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software SR3: REFRECEP, all rights related to equipment ordering software, right to read the planning of doctors on duty SR4: REFRECEP, all rights related to equipment ordering software SR5: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software, read and write access to the Excel file: Timetable planning SR6: All rights provided to the other sub-roles SR7: Read access related to the room agenda in GroupWise multi-users, read access to the ticketing tool. SR8: Write access to the reporting software, all rights related to equipment ordering software
Existing mapping: Application roles to Business sub_Role SR1: REFRECEP, all rights related to equipment ordering software SR2: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software SR3: REFRECEP, all rights related to equipment ordering software, right to read the planning of doctors on duty SR4: REFRECEP, all rights related to equipment ordering software SR5: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software, read and write access to the Excel file: Timetable planning SR6: All rights provided to the other sub-roles SR7: Read access related to the room agenda in GroupWise multi-users, read access to the ticketing tool. SR8: Write access to the reporting software, all rights related to equipment ordering software
16/06/2014 22 SR1, SR2, SR5 do not have to perform equipment ordering, although they have the right to do it. 5 th International Conference on Security of Information and Networks (SIN 2012) Existing mapping: Application roles to Business sub_Role SR1: REFRECEP, all rights related to equipment ordering software SR2: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software SR3: REFRECEP, all rights related to equipment ordering software, right to read the planning of doctors on duty SR4: REFRECEP, all rights related to equipment ordering software SR5: REFRECEP, medical delivery encoding, patient invoices creation and modification, all rights related to equipment ordering software, read and write access to the Excel file: Timetable planning SR6: All rights provided to the other sub-roles SR7: Read access related to the room agenda in GroupWise multi-users, read access to the ticketing tool. SR8: Write access to the reporting software, all rights related to equipment ordering software
16/06/2014 23 SR1, SR2, SR5 do not have to perform equipment ordering, although they have the right to do it. SR3 and SR4 have too many rights.
The employees assigned to the Phone reception and Infodesk role are authorized to add or create, modify, display, delete patient's basic data and entry, transfer, or leaving data related to the patient, although they do not require these rights.
They possess all rights related to the beds status management, although, only some of them are required to display information related to the beds status. 5 th International Conference on Security of Information and Networks (SIN 2012) CONCLUSIONS
Conclusions 16/06/2014 Presentation Tudor 25 Two objectves : (1) Analyze and model what the responsibility is. (2) Integrate the responsibility in ArchiMate
Results:
Case studies: Using responsibility allows a finer assignment of rights to the employees Check the alignment between the Business Role and the Application Role
Future Works/complementary validations: Applicability with other EAM ECA
CGIT 2008 - Definition and Validation of A Business IT Alignment Method For Enterprise Governance Improvement in The Context of Processes Based Organizations - Wellington