Title :
A framework for organisational control principles
Author :
Schaad, Andreas ; Moffett, Jonathan D.
Author_Institution :
Dept. of Comput. Sci., York Univ., UK
Abstract :
Organisational control principles, such as those expressed in the separation of duties, supervision, review and delegation, support the main business goals and activities of an organisation. Some of these principles have previously been described and analysed within the context of role- and policy-based distributed systems, but little has been done with respect to the more general context they are placed in and the analysis of relationships between them. This paper presents a framework in which organisational control principles can be formally expressed and analysed using the Alloy specification language and its constraint analysis tools.
Keywords :
security of data; specification languages; Alloy specification language; business goals; constraint analysis; distributed systems; duties; organisational control; supervision; Application software; Authorization; Computer science; Computer security; Computerized monitoring; Control systems; History; Joining processes; Organizational aspects; Specification languages;
Conference_Titel :
Computer Security Applications Conference, 2002. Proceedings. 18th Annual
Print_ISBN :
0-7695-1828-1
DOI :
10.1109/CSAC.2002.1176294
