An Ontology-Based Identity and Access Management Metamodel for Secure Adaptive Enterprise Architecture

Nahar, Kamrun

An Ontology-Based Identity and Access Management Metamodel for Secure Adaptive Enterprise Architecture

Nahar, Kamrun

Permalink

Publication Type:: Thesis
Issue Date:: 2021

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download contents and abstractAdobe PDF (493.28 kB)

Adobe PDF

Download thesisAdobe PDF (3.8 MB)

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Nahar, Kamrun
dc.date.accessioned	2022-01-18T23:12:26Z
dc.date.available	2022-01-18T23:12:26Z
dc.date.issued	2021
dc.identifier.uri	http://hdl.handle.net/10453/153295
dc.description	University of Technology Sydney. Faculty of Engineering and Information Technology.	en_US.UTF-8
dc.description.abstract	Security, driven by the need of securing digital assets, is an indispensable component of a modern digital enterprise. An identity and access management (IAM) system is a vital element of secure digital enterprise architecture (EA). IAM is a combination of identity management (IDM) and an access management system (ACM) where IDM ensures secure access to enterprise resources by verifying an entity's identity. On the other hand, ACM grants appropriate access to protected resources. Developing an adaptive IAM system that fulfils business requirements and can grow over time with the continually evolving business environment is challenging. This demands an ontology-based IAM metamodel, which is adaptive and can be instantiated for different situations. Ontologies are useful to unambiguously conceptualise various constructs of a domain and the interrelations among them. On the other hand, a metamodel defines the semantics of a modelling language. It offers a set of elements that can be utilised to create a model. An IAM metamodel that is founded on an IAM ontology can be semantically expressed, communicated, and managed. This IAM metamodel can be used to create a domain-specific IAM model. This research addresses this need and develops an ontology-based integrated IAM metamodel for secure digital EA using the well-known design science research (DSR) method. The integrated IAM metamodel has four main components: IAM ontology, IDM metamodel, ACM metamodel, and the integrated IAM metamodel. The IAM ontology provides detailed, unambiguous meaning to the necessary IAM-related entities and their relationships. The IDM metamodel offers the set of elements, based on ontology, required to model an IDM system for a particular context. Similarly, the ACM metamodel provides the necessary elements to create domain-specific models for ACM systems. Finally, the integrated IAM metamodel is developed by combining the IDM and ACM metamodels, allowing an enterprise to model their IDM system and ACM system in an integrated manner. The proposed IAM metamodel is evaluated using the demonstration method from DSR. An IAM pattern system has been instantiated using the metamodel for evaluation purposes, consisting of eight patterns. Each pattern focuses on a specific IAM-related problem. Furthermore, a case study has been performed to evaluate the applicability of the developed metamodel. The result of this research indicates that the proposed ontology, metamodel and patterns can be used by academic and architects to design and implement situation-specific IDM and ACM architectures and solutions within the overall context of a secure digital enterprise architecture.	en_US.UTF-8
dc.format	Thesis (MSc(CompSc))
dc.language.iso	en_US	en_US.UTF-8
dc.relation	https://opus.lib.uts.edu.au/bitstream/10453/153295/2/02whole.pdf
dc.rights	The author owns the copyright in this thesis including all reproduction and reuse rights for the work. The work may not be altered without the permission of the copyright owner. Attribution is essential when quoting or paraphrasing from this thesis.
dc.rights	au.edu.uts.lib/ppc
dc.rights	info:eu-repo/semantics/openAccess
dc.title	An Ontology-Based Identity and Access Management Metamodel for Secure Adaptive Enterprise Architecture	en_US.UTF-8
dc.type	Thesis
utslib.copyright.status	open_access	*

Abstract:

Security, driven by the need of securing digital assets, is an indispensable component of a modern digital enterprise. An identity and access management (IAM) system is a vital element of secure digital enterprise architecture (EA). IAM is a combination of identity management (IDM) and an access management system (ACM) where IDM ensures secure access to enterprise resources by verifying an entity's identity. On the other hand, ACM grants appropriate access to protected resources. Developing an adaptive IAM system that fulfils business requirements and can grow over time with the continually evolving business environment is challenging. This demands an ontology-based IAM metamodel, which is adaptive and can be instantiated for different situations. Ontologies are useful to unambiguously conceptualise various constructs of a domain and the interrelations among them. On the other hand, a metamodel defines the semantics of a modelling language. It offers a set of elements that can be utilised to create a model. An IAM metamodel that is founded on an IAM ontology can be semantically expressed, communicated, and managed. This IAM metamodel can be used to create a domain-specific IAM model. This research addresses this need and develops an ontology-based integrated IAM metamodel for secure digital EA using the well-known design science research (DSR) method. The integrated IAM metamodel has four main components: IAM ontology, IDM metamodel, ACM metamodel, and the integrated IAM metamodel. The IAM ontology provides detailed, unambiguous meaning to the necessary IAM-related entities and their relationships. The IDM metamodel offers the set of elements, based on ontology, required to model an IDM system for a particular context. Similarly, the ACM metamodel provides the necessary elements to create domain-specific models for ACM systems. Finally, the integrated IAM metamodel is developed by combining the IDM and ACM metamodels, allowing an enterprise to model their IDM system and ACM system in an integrated manner. The proposed IAM metamodel is evaluated using the demonstration method from DSR. An IAM pattern system has been instantiated using the metamodel for evaluation purposes, consisting of eight patterns. Each pattern focuses on a specific IAM-related problem. Furthermore, a case study has been performed to evaluate the applicability of the developed metamodel. The result of this research indicates that the proposed ontology, metamodel and patterns can be used by academic and architects to design and implement situation-specific IDM and ACM architectures and solutions within the overall context of a secure digital enterprise architecture.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/153295