CVSM Bibliography, Entry [ VaDW2009LISA ]

Vanbrabant, Bart; Delaet, Thomas; Joosen, Wouter: Federated Access Control and Workflow Enforcement in Systems Configuration; p.129-143 in: Proc. 23rd Large Installation System Administration Conference (LISA '09), November 16, Baltimore, MD, USA; USENIX Association (Awarded Best Student Paper); 2009
Download: Volltext paper
Download: Volltext proceedings
Deskriptoren: CVSM

Abstract: Every organization with more than a few system administrators has policies in place. These policies define who is allowed to change what aspects of the configuration of a computer infrastructure. Although many system configuration tools are available for automating configuration changes in an infrastructure, very little work has been done to enforce the policies dealing with access control and workflow of configuration changes. In this paper, we present ACHEL. ACHEL makes it possible to integrate fine-grained access control into existing configuration tools and to enforce an organization's configuration changes workflow. In addition, we prototype ACHEL on a popular configuration tool and demonstrate its capabilities in two case studies.