isrjournals
User Sign in    Editor Sign in

endorsement guideline protocol actuality problem

A.MEENAKSHI SUNDARAM,K. AJITH,C.JOY JAYANTH SWARAJ,SELVAM, M.E.,

Published in International Journal of Advanced Research in Computer Science Engineering and Information Technology

ISSN: 2321-3337          Impact Factor:1.521         Volume:6         Issue:3         Year: 31 March,2021         Pages:1500-1507

International Journal of Advanced Research in Computer Science Engineering and Information Technology

Abstract

Access control is a fundamental aspect of the security of any multi-user computing system, and is typically based on the specification and enforcement of an authorization policy. Such a policy identifies which interactions between users and resources are to be allowed by the system. Over the last twenty years, authorization policies have become more complex, not least because of the introduction of constraints, which further refine an authorization policy. A separation-of-duty constraint also known as the two man rule or four-eyes policy may, for example, require that no single user is authorized for some particularly. sensitive group of resources. Such a constraint is typically used to prevent misuse of the system by a single user. The use of authorization policies and constraints, by design, limits which users may access resources. Nevertheless, the ability to perform one’s duties requires access to particular resources, and overly prescriptive policies and constraints may mean that some resources are inaccessible. In short, tension may exist between authorization policies and operational demands: too lax a policy may suit organizational demands but lead to security violations; whereas too restrictive policy may compromise an organization’s ability to meet its business objectives.

Kewords

Access control

Reference

1.P.Berge,”The authorization policy existence problem “,iconf.Data Appl.secure,privacy,2017 2.J.Crampton ,”Resiliency policies in access control revisited”,in proc.21st ACM symp.Access control Models Technol.,2016. 3.N.Li,Q.wang ,”Resiliency policies in access control”.ACM trans.inf.syst.,2009 4.Q.Wang ,”Satisifiability and resiliency workflow in authorization system”,ACM trans.inf.syst.secure.,No.4,2010. 5.A.Bjorkhand,”Set partitioning via inclusion-exclusion ,”SIAM J.compute,2019. 6.Gregory gutin,”Authorization policy existence problem,IEEE paper,2016. 7 .U.M.Gokhale,”AES Algorithm for encryption”,IEEE PAPER,2016. 8.Prasoon Raghav,Rajat Parashar “Securing data in cloud using AES algorithm”,IEEE,2016. 9.Bih-Hwang Lee Data security in cloud computing using AES under HEROKU cloud,IEEE PAPER,2016 10.Jason crampton,”The authorization policy existence problem”,IEEE PAPER,2018.