An Access Control Model for Avoiding Outsourcing Risks
نویسندگان
چکیده
Although the security Outsourcing companies can provide several security services to its customer organizations, but the customer organizations should avoid Outsourcing security risks which emerge from providing security services to the customers through open environments or malicious behaviors which the security providers at Outsourcing companies may carry out. For this problem we propose a new methodology represented in a security design model which combine Cryptography and Access Control techniques to prevent the external security providers of an Outsourcing company to access the sensitive data assets of the customer organizations. We could achieve the realism of this methodology through a proposed algorithm in MATLAP Language. Using our new access control model, the customer organizations can control and manage the external access rights of security providers of specific Outsourcing Company which the customer organization communicated with it .General Terms Security, Outsourcing, and Cryptography
منابع مشابه
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملDesigning an Outsourcing Model for the Executive Organs of Mazandaran Province (Case Study of Health Networks of Mazandaran Province)
Background and Aim: Today, with the growth of government services and the increase in the workload of organizations due to population growth and increasing the number of citizens receiving services and the lack of government resources in providing manpower as well as the purchase of facilities and machinery The need has led executives to outsource services. Outsourcing is usually used as a way ...
متن کاملA New Extended Analytical Hierarchy Process Technique with Incomplete Interval-valued Information for Risk Assessment in IT Outsourcing
Information technology (IT) outsourcing has been recognized as a new methodology in many organizations. Yet making an appropriate decision with regard to selection and use of these methodologies may impose uncertainties and risks. Estimating the occurrence probability of risks and their impacts organizations goals may reduce their threats. In this study, an extended analytical hierarchical proc...
متن کاملRanking of Outsourcing Risks in Supply Chain of Automotive Industry Using Fuzzy AHP and Fuzzy Inference System
Competition is the driving force of today's economy and it is vital for organizations to gain competitive advantages. In recent years, outsourcing has been the focus of managers as a tool for developing organizations and improving productivity. This study deals to analyze the outsourcing risks of the supply chain in the automotive industry using fuzzy inference systems. For this purpose, in the...
متن کاملAn Outsourcing Acceptance Model: An Application of TAM to Application Development Outsourcing Decisions
The use of outsourcing is expanding rapidly. This chapter empirically tests a model of application development outsourcing acceptance based on the technology acceptance model (TAM). TAM-suggested perceived usefulness and ease of use mediate the effects of other variables on users’ attitudes towards a technology. The model tested in this chapter suggests that perceived usefulness and ease of use...
متن کامل