Authors: Adesina S. Sodiya, Adebukola S. Onashoga
Issues in Informing Science and Information Technology Volume 6 2009
Abstract
Adesina S. Sodiya, AdebuEnsuring adequate security of information has been a growing concern of individuals and organizations. There is then the need to provide suitable access control mechanism for
preventing in- sider abuses and ensuring appropriate use of resources. This paper presents an access control scheme that adopts the techniques of Role-Based Access Control (RBAC), Purpose-Based Access Control (PBAC), Time-Based Access Control (TBAC) and History-Based Access Control (HBAC) as components to form an integrated Components-based Access Control Architecture (CACA). In CACA, an Access Control Score (ACS) is computed from the combined access con- trol techniques. CACA also combines ACS with the sensitivity nature of system resources before a level of access is granted. The architecture was implemented within a payroll system devel- oped using JAVA and SQL. Using usability testing, the evaluation of CACA showed 92 reduc- tion in insider abuses and misuse of privileges. This shows that CACA can provide higher level of security access as against what used to exist. ola S. Onashoga
Â