{"title":"Design of software applications using access and actions control policies based on trust","authors":"Marcel Danilescu, Laura Danilescu","doi":"10.1109/CSCI54926.2021.00363","DOIUrl":null,"url":null,"abstract":"Granting access to an organization's information resources is an issue that is the subject of numerous research works, with different approaches. This paper addresses access and action control policies based on the levels of trust given to them.The internal organization of an enterprise implies the existence of a hierarchy of departments, structured in a tree, in which data and information are circulated both ascending and descending. The staff of the organization is the one who carries out various processes, which consist of actions, workflows and/or information flows and events. In order to participate in these processes, a certain level of trust is assigned to the person. The association between the level of trust given to a person and the value of trust attributed to an object leads to the generation of policies implemented by computer applications that use access and actions control based on trust. The creation of these policies and their updating is done from a Policy Creation Point. A Policy Storage point is used to store all policies. The Document Status Point is the location where the document status matrix is located. Thus, The Document Storage Point is the space where documents are stored in electronic format. By creating them, a single point of access to policies is established for their creation and updating, a point where policies are stored, a point of storage of the workflow applied to documents and the active process, and a point of documents storage.Our paper presents, in addition to an original formal model, the use of trust gained by a member of an organization (trust calculated or attributed directly), and an example of its practical applicability in the information processes in the organization.This paper complements our previous work, which focuses on the aspects of using trust in controlling access and user interaction with information processes in the organization. This paper complements our previous work, which focuses on the aspects of using trust in controlling user access and interaction with information processes in the organization.","PeriodicalId":206881,"journal":{"name":"2021 International Conference on Computational Science and Computational Intelligence (CSCI)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Computational Science and Computational Intelligence (CSCI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSCI54926.2021.00363","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Granting access to an organization's information resources is an issue that is the subject of numerous research works, with different approaches. This paper addresses access and action control policies based on the levels of trust given to them.The internal organization of an enterprise implies the existence of a hierarchy of departments, structured in a tree, in which data and information are circulated both ascending and descending. The staff of the organization is the one who carries out various processes, which consist of actions, workflows and/or information flows and events. In order to participate in these processes, a certain level of trust is assigned to the person. The association between the level of trust given to a person and the value of trust attributed to an object leads to the generation of policies implemented by computer applications that use access and actions control based on trust. The creation of these policies and their updating is done from a Policy Creation Point. A Policy Storage point is used to store all policies. The Document Status Point is the location where the document status matrix is located. Thus, The Document Storage Point is the space where documents are stored in electronic format. By creating them, a single point of access to policies is established for their creation and updating, a point where policies are stored, a point of storage of the workflow applied to documents and the active process, and a point of documents storage.Our paper presents, in addition to an original formal model, the use of trust gained by a member of an organization (trust calculated or attributed directly), and an example of its practical applicability in the information processes in the organization.This paper complements our previous work, which focuses on the aspects of using trust in controlling access and user interaction with information processes in the organization. This paper complements our previous work, which focuses on the aspects of using trust in controlling user access and interaction with information processes in the organization.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
