The 2014 SACMAT is the premier forum for researchers advancing the state of the art in access control
Nedap's research paper demonstrated a solution to overcome complexity and enhance organisational scalability

Researchers of Nedap Security Management have taken another perspective on role based access control, which allows for easier management of identities and authorisations and ultimately enhances organisational scalability. Their research paper “Sorting out role based access control” was awarded the Best Paper Award during the 2014 ACM Symposium on Access Control Models and Technologies (SACMAT), the premier forum for researchers advancing the state of the art in access control.

Managing identities and authorisations in any organisation should be simple, regardless the size and scale of the organisation. This improves compliance to the security policy, increases security, decreases human errors and saves time. However, we noticed that when organisations and companies grow, the management of identities and authorisations often becomes prohibitively complex as management in this case involves, for example, more areas, more people and more schedules, and therefore more permissions and more access-rules.

Wouter Kuijper and Victor Ermolaev, both researchers of Nedap Security Management, have addressed this problem and demonstrated a solution to overcome complexity and enhance organisational scalability. They first identified a fragment of the popular framework for modelling access control rules, role based access control (RBAC) which allowed them to make an important conceptual step in developing a new form of RBAC particularly well suited to physical access control. Their introduction of polarissed, bi-sorted role based access control suggests to treat permissions via demarcations separately from subjects via proper roles, moreover it allows safe and understandable mixing of positive specification style (i.e.: saying who has access) and negative specification style (i.e.: saying who does not have access).

Managing identities and authorisations
in any organisation should be simple,
regardless the size and scale of the
organisation

In contrast, ‘classic’ role based access control does not distinguish proper roles from demarcations and it does not allow the negative specification style to be used. The researchers then propose a third dimension where the 2 administrative perspectives are linked up, which is access management itself, now recovered on a more manageable abstraction level, and much more suitable to the responsibilities of security officers working in large organisations. The decoupling of the 2 administrative perspectives has several benefits for practitioners working within physical security and ultimately leads to more organisational scalability. Presented at the 2014 ACM Symposium on Access Control Models and Technologies (SACMAT) in London, Ontario the research was awarded the Best Paper Award. The SACMAT symposium is organised by the ACM Special Interest group in Security Audit and Control (SIGSAC). It is the premier forum for researchers advancing the state of the art in access control.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

Nedap Security Management news

Nedap announces integration with Forge Bluepoint visitor management system for smart access control

Buildings or sites with existing or future Nedap access control systems can now benefit from integration with Forge Bluepoint visitor management to give people visiting their space smart, secure and time-limited access. Integration with Forge Bluepoint The new integration was customer-driven by HB Reavis’s new building in Bratislava, Nivy Tower, which went live in November. Wayne Lee, Director at Forge, said “We’re excited about this partnership and being able to offer our c...

ASSA ABLOY Opening Solutions introduces Aperio E100 Wireless Escutcheon to secure access control door wirelessly

Flexibility and a trusted record of reliable security in real-world environments: these are critical features when choosing any new electronic locks. With the Aperio E100 Wireless Escutcheon from ASSA ABLOY Opening Solutions, one can get both. A robust device suited to almost any medium- to high-traffic door, the E100 is easy to install wire-free - an ideal choice for both retrofit projects and new buildings. With Aperio’s open platform, it is straightforward to then integrate the escutch...

Hikvision announces the integration of HikCentral video security platform with Nedap AEOS Access Control Solution

Hikvision, an IoT solution provider with video as its core competency, has announced the integration of its HikCentral video security platform with the Nedap AEOS Access Control Solution to provide single-platform operations for users who maintain both Hikvision and Nedap systems. The integration, via Nedap AEOS Connector, provides event information, alarms, and person-data synchronisation of access control and intrusion events between AEOS-connected hardware and HikCentral. This integration en...

Nedap Security Management case studies

ROCKWOOL chooses Nedap’s Global Client Programme to secure its offices and factories worldwide

Manufacturer ROCKWOOL International A.S. has chosen Nedap’s Global Client Programme to secure its offices and factories worldwide. AEOS, the physical security platform by Nedap, installed during the programme, enables ROCKWOOL to establish a truly global security policy and unified work processes. An advanced project rollout, the Global Client Programme is developed for large multinationals and offers several benefits, including standardisation across sites, shorter implementation times a...

Nedap’s AEOS installed at ING’s branch offices in Belgium

Security management in banking is a discipline unlike any other. Rather than integrating all security into one centralised system, some banks choose decentralised security for their branch offices. AEOS, a leading platform in integrated security, turns out to be just as effective when deployed decentrally. ”We were already using Nedap AEOS in our headquarters, as well as various regional offices. Then, in 2011, the security system used by our 800 branch offices in Belgium needed to be ext...

Nedap delivers access control solution to the Flemish Government

The Flemish Government has chosen AEOS access control by Nedap to secure its sites across Belgium and other European countries. It’s awarded a 6-year framework contract, beginning in September 2020, to Nedap channel partner G4S. This will involve G4S replacing the technology for more than 4,000 doors with AEOS. The new AEOS system will accommodate up to 50 software users and will feature various integrations, including visitor management, automatic number plate recognition, mobile readers...