
Enhancing the ArchiMate Standard with a Responsibility Modeling Language for Access Rights Management
Christophe Feltus, Eric Dubois, Erik Proper
Iver Band, Michal Petit
christophe.feltus@tudor.lu




5th International Conference on Security of Information and Networks (SIN 2012)
22-27 October 2012, Jaipur, India

Plan of the presentation
ArchiMate and access rights

Responsibility modelling

Integration of Responsibility in ArchiMate

Access rights management implemented with EAM

Case study in Hospital

ArchiMate metamodel and the access rights
ArchiMate metamodel

ArchiMate allows access rights management to be engineered, and this management may itself be represented in ArchiMate.

In practice, however, we have seen that granting access rights to a business role is not precise enough in small companies: the connection between business role and permission does not automatically hold.

(1) Analyze and model the responsibility.
(2) Integrate the responsibility in ArchiMate.

Responsibility analysis and model
The responsibility is a charge assigned to an employee to signify his accountabilities concerning a business task, and the right and capacity required to perform those accountabilities.

The accountability represents the obligation of what has to be done concerning a business task and the justification that it is done to someone else, under threat of sanction.

The capability represents the qualities, the skills or the resources intrinsic to the employee and required to perform accountability.

The right represents the resources provided by the company to the employee and required to perform accountability.

The assignment is the action of linking an agent to a responsibility. The delegation process is the transfer of an agent's responsibility assignment to another agent.




Integrate the responsibility in ArchiMate
Integration of 2 metamodels [Petit]
3 steps approach:
1. Preparation for integration
2. Investigation and definition of
the correspondences
3. Integration of both models




[Petit] M. Petit. Some methodological clues for defining
a unified enterprise modelling language. ICEIMT '01,
pages 359-369, Deventer, The Netherlands, 2003
The integration has made it possible to improve the connection between:
1. The business actor and the business role
2. The business role and the business process/function/interaction
3. The business object and the business process/function/interaction

Access right management modelling
with ArchiMate

Access rights management (RBAC model) is a process that may also be modelled with EAM.

Implementing RBAC using ArchiMate
previous work
Previous work [Band]
1. The data object Users corresponds to the Business Actor
2. The data object Roles corresponds to the Business Role
3. The data object Permissions corresponds to the access to data object




[Band] I. Band, Modeling RBAC with SABSA, TOGAF and
ArchiMate, Creating a Foundation for Understanding and
Action, Open Group Conference, Austin, Texas, 2011

Figure labels: Business Actor; Business Role; Business object; Business process / function / interaction.
Business Role = (RBAC) Role at the application layer



Implementing RBAC-Responsibility in ArchiMate
Based on our Responsibility metamodel,
we have 2 possible assignments:
(1) Business actor to responsibility
(2) Business actor to Business role

At the application layer, the 3 business
concepts are represented through
application objects

To manage the assignment of access rights to business actors, we also consider the employees' responsibilities and we define a permission object at the application layer.

Access rights with ArchiMate/Responsibility
At the application layer, 3 application
objects are created:
- Business role application object
- Business actor application object
- Responsibility application object
And 4 application functions:
- Compose Bus.Roles with Respons.
- Assign Bus.Actors to Bus.Roles
- Assign Bus.Actors to Respons.
- Assign Permissions to Respons.


Optimization of the assignment
In practice: a large number of permission-to-role assignments.

At this application layer, in order to optimize access rights management, we have introduced:
- an application Role data object
- 2 application functions.

CASE STUDY AT THE HOSPITAL

Context of the case study
One of the main Luxembourg hospitals,
more than 2000 employees,
600 beds,
27000 patients in 2011
+ high security requirements such as the confidentiality

Specialized in: serious pathologies, emergency and intensive care.

Problem: No formal alignment between:
- the application layer where employees are provisioned with access rights
- the business layer where business roles are assigned to the employees

Objective of the case study is to illustrate:
(1) the integrated ArchiMate with Responsibility at the business layer,
and
(2) the enhancement of the provisioning of access rights to the employees.
What we have done
The case study is illustrated with the reception department from the hospital.

The case study was conducted between January 2011 and January 2012, at the rate of one meeting a month.

The following persons participated in those meetings:
- the Application support manager,
- the Reception department manager and
- the Competences manager.

The steps of the case study are the following:
1. Analysis of the Business roles
2. Analysis of the Application roles
3. Analysis of the Responsibilities


Business roles
Employees are categorized based on their roles defined in the Job description

The job descriptions describe the tasks to be performed by a role, as well as the
necessary knowledge required to be assigned to this role.

The job descriptions, however, do not specify the access rights required on
professional software

An organization chart for the reception department structures the activities into
eight Business sub-roles:
SR1: Receptionist at the municipal hospital.
SR2: Receptionist at the pediatric clinic and the maternity
SR3: Phone reception
SR4: Info desk
SR5: Human resources management
SR6: Department management
SR7: Room operator
SR8: Outsourced guardian

Business roles

For instance:
The job description of the receptionist sub-role formalizes the five main activities to be performed by this role:

- Welcome and inform the patient,
- Perform the various technical and administrative tasks:
  - encode and control the data relating to the admission of ambulatory or hospital patients,
  - print and give the admission form to the patients,
  - manage daily access to the parking,
  - receive deposits,
  - issue invoices,
- Contribute to the enhancement and evolution of professional practices,
- Train and mentor new employees,
- Train and supervise trainees.


Application roles ?
Software architecture
Vertical software comprises applications used by well-defined and well-specified healthcare businesses, e.g.:
- management of the laboratory,
- endoscopy software,
- management of the polyclinic.

Transversal software is used jointly by all healthcare businesses, e.g. the dispatching of the laboratory's results or medical imaging.





Application roles
Software architecture
With the ERP, access rights management is realized using AuthorityObject.

An AuthorityObject is composed of 1 to n zone(s), based on which the authority check is performed.

In practice, an AuthorityObject corresponds to ERP transactions, and for each transaction a set of authorizations is defined, such as create, modify, delete, view history, and so forth.





Figure labels: ERP transaction; Application role
Application roles
Software architecture
5 Functional_roles are:

1. Patient's basic data encoding, that means add or create, modify, display, delete patient's basic data and entry, transfer or leaving data related to the patient
2. Entry, transfer or leaving patient's data encoding
3. Management of the beds status at the hospital
4. Medical delivery encoding
5. Patient invoices creation and modification

1 Reference_user (REFRECEP) sum of Functional_roles 1 3






Responsibility to sub_Role to access rights

| ID | Responsibility | Required Access Right | Compose Sub-Roles |
|----|----------------|-----------------------|-------------------|
| 1 | Perform the entry record | Add or create, modify, display, delete patient's basic data and entry, transfer, or leave data related to the patient | SR1, SR2, SR5 |
| 2 | Perform the transfer management | Display entry, transfer or leave data related to the patient and all rights related to the statistic software | SR1, SR2, SR5 |
| 3 | Perform the beds status management | All rights related to the beds status management | SR1, SR2, SR5 |
| 4 | Perform equipment ordering | All rights related to the equipment ordering software | SR8 |
| 5 | Perform the medical encoding for billing | All rights related to the medical delivery encoding | SR2 |
| 6 | Perform the creation and modification of patient invoices (billing) | All rights related to the patient invoices creation and modification | SR2 |
| 7 | Inform about the beds status | Display rights related to the beds status | SR1, SR2, SR3, SR4 |
| 8 | Perform the realization of work plans | Read and write access to the Excel file: Timetable planning | SR5 |
| 9 | Perform the control of the monthly worksheets | Read and write access to the Excel file: Timetable planning | SR5 |
| 10 | Perform the management of HR indicators: Overtime, Days off, Hours of recovery | Read and write access to the Excel file: Timetable planning | SR5 |
| 11 | Perform the management of the room | Read access related to the room agenda in GroupWise multi-users | SR7 |
| 12 | Perform the verification of the infrastructure | Write access to the reporting software | SR8 |
| 13 | Fix defective infrastructure | All rights related to equipment ordering software | SR8 |
| 14 | Perform the management of the receptionists | All the rights provided to the sub-roles SR1, SR2, SR3, SR4, SR5, SR7 and SR8 | SR6 |
| 15 | Inform about the doctor on duty | Rights to read the doctors on duty planning | SR3 |
| 16 | Perform the statistical analysis to follow up the daily business | All rights related to the statistical software | SR5, SR7 |

Existing mapping:
Application roles to Business sub_Role
SR1: REFRECEP, all rights related to equipment ordering software
SR2: REFRECEP, medical delivery encoding, patient invoices creation and
modification, all rights related to equipment ordering software
SR3: REFRECEP, all rights related to equipment ordering software, right to read the
planning of doctors on duty
SR4: REFRECEP, all rights related to equipment ordering software
SR5: REFRECEP, medical delivery encoding, patient invoices creation and
modification, all rights related to equipment ordering software, read and write
access to the Excel file: Timetable planning
SR6: All rights provided to the other sub-roles
SR7: Read access related to the room agenda in GroupWise multi-users, read access
to the ticketing tool.
SR8: Write access to the reporting software, all rights related to equipment ordering
software






SR1, SR2, SR5 do not have to perform equipment ordering, although they
have the right to do it.
SR3 and SR4 have too many rights.

The employees assigned to the Phone reception and Infodesk role are
authorized to add or create, modify, display, delete patient's basic data
and entry, transfer, or leaving data related to the patient, although they do
not require these rights.

They possess all rights related to the beds status management, although,
only some of them are required to display information related to the beds
status.
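
The comparison behind these findings can be automated: derive the rights each sub-role needs from its responsibilities, then subtract them from what the existing mapping grants. The sketch below is an added example, not code from the presentation, and is restricted to SR1, SR3, SR4 and SR8 and the table rows that bear on their excess rights. Assumptions: the permission strings are constructed, "all rights" is expanded into four constructed actions, and REFRECEP is modelled as the patient-data and beds-status rights that the findings above attribute to its holders.

```python
# Added example: least-privilege audit of the reception department's sub-roles.
# Permission strings and the four-action expansion of "all rights" are constructed.
CRUD = ("create", "modify", "display", "delete")

def rights(resource, *actions):
    """Build a set of 'resource:action' permission strings."""
    return {f"{resource}:{action}" for action in actions}

# Responsibility id -> (required rights, sub-roles composed of it), taken from
# rows 1, 3, 4, 7, 12 and 15 of the responsibility table (row 13 repeats row 4).
RESPONSIBILITIES = {
    1: (rights("patient_data", *CRUD), {"SR1", "SR2", "SR5"}),
    3: (rights("beds_status", *CRUD), {"SR1", "SR2", "SR5"}),
    4: (rights("equipment_ordering", *CRUD), {"SR8"}),
    7: (rights("beds_status", "display"), {"SR1", "SR2", "SR3", "SR4"}),
    12: (rights("reporting", "write"), {"SR8"}),
    15: (rights("doctors_on_duty", "display"), {"SR3"}),
}

# Assumption: REFRECEP is modelled as the patient-data and beds-status rights
# that the findings say its holders possess.
REFRECEP = rights("patient_data", *CRUD) | rights("beds_status", *CRUD)
ORDERING = rights("equipment_ordering", *CRUD)

# Existing mapping: rights currently provisioned to each sub-role.
GRANTED = {
    "SR1": REFRECEP | ORDERING,
    "SR3": REFRECEP | ORDERING | rights("doctors_on_duty", "display"),
    "SR4": REFRECEP | ORDERING,
    "SR8": rights("reporting", "write") | ORDERING,
}

def required_rights(sub_role):
    """Union of the rights required by every responsibility of the sub-role."""
    needed = set()
    for perms, sub_roles in RESPONSIBILITIES.values():
        if sub_role in sub_roles:
            needed |= perms
    return needed

def excess_rights(sub_role):
    """Rights provisioned to the sub-role that none of its responsibilities needs."""
    return GRANTED[sub_role] - required_rights(sub_role)

if __name__ == "__main__":
    for sr in sorted(GRANTED):
        print(sr, sorted(excess_rights(sr)))
```

An empty result, as for SR8, means the provisioned rights are all justified by a responsibility; any other result is a candidate for revocation.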
CONCLUSIONS

Two objectives:
(1) Analyze and model what the responsibility is.
(2) Integrate the responsibility in ArchiMate

Results:







Case studies:
Using responsibility allows a finer assignment of rights to the employees
Check the alignment between the Business Role and the Application Role

Future Works/complementary validations:
Applicability with other EAM ECA







Figure labels: Business/IT alignment; Access right management
