期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2006
卷号:6
期号:12
页码:197-204
出版社:International Journal of Computer Science and Network Security
摘要:Information is an asset for every organization. The constantly increasing nature of computers systems on the functioning of organizations results in concerns about the threats to the information usage. Security requirements approached at the organization level initiate the need for models that capture the organizational and distributed aspects of information usage. Such models have to express organization specific security policies and internal controls aiming to protect information against unauthorized access and modification and against usage of information for unintended purposes. Existing systems follows Role Based Access Control models (RBAC) which are application dependent and whether they address the problems posed by mobile devices such as note books, Personal Digital Assistants (PDA), is an open question. What today’s organization require is flexible, authentication on necessity, context aware access control and enforcement of dynamic authorization? In this paper we propose Context Aware Information Security Architecture to fulfill the organization's security needs.
关键词:Access Control, RBAC, Information Security, Dynamic Authorization, Context aware Systems, and Authentication