Christophe Feltus

Enhancing the ArchiMate® standard with a responsibility modeling language for access rights management

In this paper, we describe an innovative approach for aligning the business layer and the application layer of ArchiMate to ensure that applications manage access rights consistently with enterprise goals and risk tolerances. The alignment is realized by using the responsibility of the employees, which we model using ReMoLa. The main focus of the alignment targets the definition and the assignment of the access rights needed by the employees according to business specification. The approach is illustrated and validated with a case study in a municipal hospital in Luxembourg.

Building a Responsibility Model Including Accountability, Capability and Commitment

This paper aims at building a responsibility model based on the concepts of Accountability, Capability and Commitment. The models objectives are firstly to help organizations for verifying the organizational structure and detecting policy problems and inconsistency. Secondly, the paper brings up a conceptual framework to support organization for defining their corporate, security and access control policies. Our work provides a preliminary review of the researches performed in that field and proposes, based on the analyses, an UML responsibility model and a definition of all its concepts. Thereafter, to propose a formal representation of the model, we have selected the suitable language and logic system. The analyze highlights that an important variable is whether the responsibility is perceived at a user or at a company level.

Conceptual Integration of Enterprise Architecture Management and Security Risk Management

Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.

Service specification and service compliance: How to consider the responsibility dimension?

Service engineering is a huge research topic that addresses the specification, the compliance and the sharing of business and IT services across companies, institutions or governmental organizations. Despite many advantages of working with the services, the guarantee of service compliance and management of the service overlaps by the stakeholders remains challenging. The objective of this document is to present a methodological approach in order to specify the links between the organizational layer and the informational layer of services. Therefore our research has focused on clarifying the responsibility dimension of the stakeholders involved in those services. The proposed approach is illustrated with an example in the context of sensitive data exchange between stakeholders from the healthcare domain.

A Security Decision-Reaction Architecture for Heterogeneous Distributed Network

The main objective of this paper is to provide a global decision-reaction architectural built on the requirements for a reaction after alert detection mechanisms in the frame of information systems security and more particularly applied to telecom infrastructures security. These infrastructures are distributed in nature, therefore the architecture is elaborated using the multi-agents system that provides the advantages of autonomous and interaction facilities, and has been associated to the ontoBayes model for decision support mechanism. This model helps agents to make decisions according to preference values and is built upon ontology based knowledge sharing, bayesian networks based uncertainty management and influence diagram based decision support. The Multi-Agent System decision-reaction architecture is developed in a distributed perspective and is composed of three basic layers: low level, intermediate level and high level. The proposed approach has been illustrated based on the network architecture for heterogeneous mobile computing developed by the BARWAN project. Accordingly: the Building Area constitutes the low level and aims to be the interface between the main architecture and the targeted infrastructure. The Campus-Area is the intermediate level responsible of correlating the alerts coming from different domains of the infrastructure and to smartly deploy the reaction actions.

Multi-agents system service based platform in telecommunication security incident reaction

The main focus of this paper is to provide a global architectural solution built on the requirements for a reaction after alert detection mechanisms in the frame of Information Systems Security and more particularly applied to telecom infrastructures security. These infrastructures are distributed in nature, therefore the targeted architecture is developed in a distributed perspective and is composed of three basic layers: low level, intermediate level and high level. The low level is dedicated to be the interface between the main architecture and the targeted infrastructure. The intermediate level is responsible of correlating the alerts coming from different domains of the infrastructure and to deploy smartly the reaction actions. This intermediate level is elaborated using multi-agents system that provide the advantages of autonomous and interaction facilities. The high level permits to have a supervision view of the whole infrastructure, and to manage business policy definition. The proposed approach has been successfully experimented for data access control mechanism.

An agent-based framework for identity management: The unsuspected relation with ISO/IEC 15504

The generalization of open and distributed systems and the dynamics of the environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, the definition and the exploitation of an access rights management framework appropriately adapted for a company remain challenging. This statement is explained mainly by the continuous growth of the diversity of stakeholderspsila positions and by the criticality of the resources to protect. The SIM project, which stands for ldquoSecure Identity Managementrdquo, addresses this problem. The objectives of our paper are twofold. First, to make rights management align closer to business objectives by providing an innovative approach that focuses on business goals for defining access policy. The ISO/IEC 15504 process-based assessment model has been preferred for that research. Indeed, the structured framework that it offers for the description of activities allows for the establishment of meaningful links with responsibilities concepts. Secondly, to automate the deployment of policies through the company IT infrastructurepsilas components and devices by defining a multi-agent system architecture that provides autonomy and adaptability. Free and open source components have been used for the prototyping phase.

Preliminary Literature Review of Policy Engineering Methods; Toward Responsibility Concept

This paper introduces a preliminary review of the research currently performed in the field of Policy. This review aims to understand the approaches covered by main research streams in that area and to highlight the advantages of the essential and most renowned solutions. The review of the literature quickly provides a plethora of publications that presents innovative proposals on the matter of policy conceptual model, engineering methods, elicitation languages, as well as cases studies. It also brings out that the papers most often refer rather evasively to the organizational model layers when aligning and positioning their theory with organizational concepts. Consequently, it sounds useful to orient and improve our own developments in the purpose of ameliorate that issue. Based on that overviews results, we are able to orient our researches more deeply by proposing an innovative approach that focuses in one hand on a policy model designed to take into account the responsibility of stakeholders and in the other hand on policy engineering method that takes care of business process while at the same time using requirement engineering principles. Responsibility is a notion that remains rarely addressed and that however embodies important and well-know concepts like accountability, capability and commitment. Moreover, responsibility constitutes a fundamental notion of management theory and is consequently identified as a meaningful bridge toward organizational artifacts. Exploiting process to define policy seems likewise to offer new research opportunities since process organizations become a more widely spread structured approach.

Towards the ENTRI Framework: Security Risk Management Enhanced by the Use of Enterprise Architectures

Secure information systems engineering is currently a critical but complex concern. Risk management has become a standard approach to deal with the necessary trade-offs between expected security level and control cost. However, with the current interconnection between information systems combined with the increasing regulation and compliance requirements, it is more and more difficult to achieve real information security governance. Given that risk management is not able to deal with this complexity alone, we claim that a connection with Enterprise Architecture Management (EAM) contributes in addressing the above challenges, thereby sustaining governance and compliance in organisations. In this paper, we motivate the added value of EAM to improve security risk management and propose a research agenda towards a complete framework integrating both domains.

Reputation Based Dynamic Responsibility to Agent Assignement for Critical Infrastructure

Power distribution constitutes a critical service for our economy. To foreseen electricity overload and risks of power blackout according to external perturbations such as the weather, the temperature or the barometric pressure in real time is a crucial challenge. In order to face those problems, research tends to involve consumers in the utilization of the electricity based on weather conditions. Our previous works had proposed an agent based architecture to support this alert mechanism. The architecture exploited a static assignment of functions to agents. That static assignment was a weak point because isolating an agent or breaking the communication channel between two of them created serious damage on the crisis management. In this paper, we complete our previous works and make dynamic the assignment of functions mobile for agents. Our approach exploits the concept of agent responsibility that we dynamically assigned to the agent taking into consideration the agents reputation.