IntroductionNetwork management applications are often very large-scale systems, interacting on one side with large numbers of network elements (NEs) and lower-level management systems and on another side with broad ranges of users. Furthermore, both network components and network management system (NMS) users are often spread out both geographically and organizationally, with common tasks performed by distinct groups on different network regions. This characteristic reaches its extreme with the emergence of hosted NMS providers that manage network management applications on behalf of multiple customers and their networks.Clearly, any large-scale NMS, whether internally run or hosted, requires a sophisticated authorization system to grant access to users based on network topology and job function. In this paper, we examine an authorization system developed for a hosted NMS application that is provided by Lucent Technologies to several customers with large networks. We first describe the motivating application and the access control system requirements; we follow this with a brief background on related research in the role-based access control (RBAC) model and how it fits our requirements. We then present our solution along with a discussion of relating and differentiating points
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.