Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
CBAC – a model for conflict-based access control
Thesis (PhD)--University of Pretoria, 2012.
Saved in:
| Other Authors: | |
|---|---|
| Format: | Thesis |
| Published: |
University of Pretoria
2013
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613662933417984 |
|---|---|
| access_status_str | Open Access |
| author2 | Eloff, Jan H.P. |
| author_browse | Eloff, Jan H.P. |
| author_facet | Eloff, Jan H.P. |
| collection | Thesis |
| dc_rights_str_mv | © 2012 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. |
| description | Thesis (PhD)--University of Pretoria, 2012. |
| format | Thesis |
| id | oai:repository.up.ac.za:2263/25423 |
| institution | University of Pretoria (South Africa) |
| last_indexed | 2026-06-10T12:39:43.129Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository |
| publishDate | 2013 |
| publishDateRange | 2013 |
| publishDateSort | 2013 |
| publisher | University of Pretoria |
| publisherStr | University of Pretoria |
| record_format | dspace |
| source_str | UPSpace — University of Pretoria Institutional Repository |
| spelling | oai:repository.up.ac.za:2263/25423 CBAC – a model for conflict-based access control Eloff, Jan H.P. loockm@unisa.ac.za Loock, Marianne Competitive advantage Conflict-based access control Confidentiality UCTD Thesis (PhD)--University of Pretoria, 2012. Organisations that seek a competitive advantage cannot afford to compromise their brand reputation or expose it to disrepute. When employees leek information, it is not only the breach of confidentiality that is a problem, but it also causes a major brand reputation problem for the organisation. Any possible breach of confidentiality should be minimised by implementing adequate security within the organisation and among its employees. An important issue to address is the development of suitable access control models that are able to restrict access not only to unauthorised data sets, but also to unauthorised combinations of data sets. Within organisations such as banks, clients may exist that are in conflict with one another. This conflict results from the fact that clients are functioning in the same business domain and that their information should be shielded from one another because they are in competition for various reasons. When information on any of these conflicting clients is extracted from their data sets via a data-mining process and used to their detriment or to the benefit of the guilty party, this is considered a breach of confidentiality. In data-mining environments, access control usually strips the data of any identity so as to concentrate on tendencies and ensure that data cannot be traced back to a respondent. There is an active research field in data mining that focuses specifically on ‘preserving’ the privacy of the data during the data-mining process. However, this approach does not account for those situations when data mining needs to be performed to give answers to specific clients. In such cases, when the clients’ identity cannot be stripped, it is essential to minimise the chances of a possible breach of confidentiality. For this reason, this thesis investigated an environment where conflicting clients’ information can easily be gathered and used or sold, as to justify the inclusion of conflict management in the proposed access control model. This thesis presents the Conflict-based Access Control (CBAC) model. The model makes it possible to manage conflict on different levels of severity among the clients of an organisation – not only as specified by the clients, but also as calculated by the organisation. Both types of conflict have their own cut-off points when the conflict is considered to be of no value any longer. Finally, a proof-of-concept prototype illustrates that the incorporation of conflict management is a viable solution to the problem of access control as it minimises the chances of a breach of confidentiality Computer Science unrestricted 2013-09-06T21:14:47Z 2013-06-27 2013-09-06T21:14:47Z 2013-04-09 2012 2013-06-10 Thesis Loock, M 2012, CBAC – a model for conflict-based access control, PhD thesis, University of Pretoria, Pretoria, viewed yymmdd < http://hdl.handle.net/2263/25423 > D13/4/733/ag http://hdl.handle.net/2263/25423 http://upetd.up.ac.za/thesis/available/etd-06102013-092546/ © 2012 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. application/pdf University of Pretoria |
| spellingShingle | Competitive advantage Conflict-based access control Confidentiality UCTD CBAC – a model for conflict-based access control |
| title | CBAC – a model for conflict-based access control |
| title_full | CBAC – a model for conflict-based access control |
| title_fullStr | CBAC – a model for conflict-based access control |
| title_full_unstemmed | CBAC – a model for conflict-based access control |
| title_short | CBAC – a model for conflict-based access control |
| title_sort | cbac a model for conflict based access control |
| topic | Competitive advantage Conflict-based access control Confidentiality UCTD |
| url | http://hdl.handle.net/2263/25423 http://upetd.up.ac.za/thesis/available/etd-06102013-092546/ |