Sciweavers

SAJ
2000

Conflict analysis as a means of enforcing static separation of duty requirements in workflow environments

14 years 7 days ago
Conflict analysis as a means of enforcing static separation of duty requirements in workflow environments
The increasing reliance on information technology to support business processes has emphasised the need for information security mechanisms. This, however, has resulted in an ever-increasing workload in terms of security administration. Policy-based approaches have been proposed, promising to lighten the workload of security administrators. Separation of duty is one of the principles cited as a requirement when setting up these policy-based mechanisms. Different types of separation of duty policies exist. They can be categorised into policies that can be enforced at administration time, viz. static separation of duty requirements and policies that can be enforced only at execution time, viz. dynamic separation of duty requirements. This paper deals with specifying static separation of duty requirements in role-based workflow environments. It proposes a mathematical model based on the concept of "conflicting entities" to express static separation of duty requirements. It prov...
Stephen Perelson, Reinhardt A. Botha
Added 19 Dec 2010
Updated 19 Dec 2010
Type Journal
Year 2000
Where SAJ
Authors Stephen Perelson, Reinhardt A. Botha
Comments (0)