| Paper |
Title |
Page |
| TPPA04 |
Role-Based Access Control for the Accelerator Control System at CERN
|
90 |
| |
- P. Charrue, P. Gajewski, V. Kain, K. Kostro, G. Kruk, S. T. Page, M. P. Peryt
CERN, Geneva
- A. D. Petrov, S. R. Gysin
Fermilab, Batavia, Illinois
|
|
| |
Given the significant dangers of LHC operations, access control to the accelerator controls system is required. This paper describes the requirements, design, and implementation of Role-Based Access Control (RBAC) for the LHC and injectors controls systems. It is an overview of the two main components of RBAC: authentication and authorization, and the tools needed to manage access control data. We begin by stating the main requirements of RBAC and then describe the architecture and its implementation. RBAC is developed by LAFS a collaboration between CERN and Fermilab.
|
|
| WPPB08 |
Role-Based Authorization in Equipment Access at CERN
|
415 |
| |
- P. Gajewski, K. Kostro
CERN, Geneva
- S. R. Gysin
Fermilab, Batavia, Illinois
|
|
| |
Given the significant dangers of LHC operations, Role-Based Access Control (RBAC) is designed to protect from accidental and unauthorized access to the LHC and injector equipment. Role-Based Authorization is part of this approach. It has been implemented in the Controls Middleware (CMW) infrastructure so that access to equipment can be restricted according to Access Rules defined jointly by the equipment and operation groups. This paper describes the authorization mechanism, the definition and management of Access Rules and the implementation of this mechanism within the CMW.
|
|