An Activity-Based Model for Separation of Duty
نویسندگان
چکیده
This paper offers several contributions for separation of duty (SoD) administration in role-based access control (RBAC) systems. We first introduce a new formal framework, based on business perspective, where SoD constraints are analyzed introducing the activity concept. This notion helps organizations define SoD constraints in terms of business requirements and reduces management complexity in large-scale RBAC systems. The model enables the definition of a wide taxonomy of conflict types. In particular, object-based SoD is introduced using the SoD domain concept, namely the set of data in which transaction conflicts may occur. Together with the formalization of the above properties, in this paper we also show the effectiveness of our proposal: we have applied the model to a large, existing organization; results highlight the benefits of adopting the proposed model in terms of reduced administration cost.
منابع مشابه
Solar Heat Utilization in Separation Column Reboilers Case Study: Amine Regenerator in South Pars Gas Complex, Assalouyeh
The amine regenerator of acid removal unit in South Pars Gas Complex, Assalouyeh, Iran was modeled. This model was fitted to assess the large scale columns and allow application of solar thermal energy for production of low pressure steam. Heat transfer fluids including Therminol oil, sulfur, or salt melt could be applied to yield thermal energy from a solar collector and to store and transfer ...
متن کاملConflict analysis as a means of enforcing static separation of duty requirements in workflow environments
The increasing reliance on information technology to support business processes has emphasised the need for information security mechanisms. This, however, has resulted in an ever-increasing workload in terms of security administration. Policy-based approaches have been proposed, promising to lighten the workload of security administrators. Separation of duty is one of the principles cited as a...
متن کاملModeling of Nanofiltration for Concentrated Electrolyte Solutions using Linearized Transport Pore Model
In this study, linearized transport pore model (LTPM) is applied for modeling nanofiltration (NF) membrane separation process. This modeling approach is based on the modified extended Nernst-Planck equation enhanced by Debye-Huckel theory to take into account the variations of activity coefficient especially at high salt concentrations. Rejection of single-salt (NaCl) electrolyte is inve...
متن کاملSeparation of duties for access control enforcement in workflow environments
Separation of duty, as a security principle, has as its primary objective the prevention of fraud and errors. This objective is achieved by disseminating the tasks and associated privileges for a specific business process among multiple users. This principle is demonstrated in the traditional example of separation of duty found in the requirement of two signatures on a check. Previous work on s...
متن کاملNumerical Simulation of Separation Bubble on Elliptic Cylinders Using Three-equation k-? Turbulence Model
Occurrence of laminar separation bubbles on solid walls of an elliptic cylinder has been simulated using a recently developed transitional model for boundary layer flows. Computational method is based on the solution of the Reynolds averaged Navier-Stokes (RANS) equations and the eddy-viscosity concept. Transitional model tries to simulate streamwise fluctuations, induced by freestream turbulen...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/0810.5351 شماره
صفحات -
تاریخ انتشار 2008