• May 03, 2016 News! IJIET Vol. 5, No. 10 has been indexed by EI (Inspec).   [Click]
  • Mar 13, 2017 News!Vol. 7, No. 5 has been indexed by Crossref.
  • Mar 10, 2017 News!Vol. 7, No. 5 issue has been published online!   [Click]
General Information
    • ISSN: 2010-3689
    • Frequency: Bimonthly (2011-2014); Monthly (Since 2015)
    • DOI: 10.18178/IJIET
    • Editor-in-Chief: Prof. Dr. Steve Thatcher
    • Executive Editor: Ms. Nancy Y. Liu
    • Abstracting/ Indexing: EI (INSPEC, IET), Electronic Journals Library, Google Scholar, Crossref and ProQuest
    • E-mail: ijiet@ejournal.net
Editor-in-chief
Prof. Dr. Steve Thatcher
University of South Australia, Australia
It is my honor to be the editor-in-chief of IJIET. The journal publishes good papers which focous on the advanced researches in the field of information and education technology. Hopefully, IJIET will become a recognized journal among the scholars in the filed of information and education technology.
IJIET 2014 Vol.4(6): 468-472 ISSN: 2010-3689
DOI: 10.7763/IJIET.2014.V4.452

An Access Control List for Role-Based System: An Observation and Recommendation

Sharipah Setapa and Tengku Puteri Suhilah
Abstract—Access control list have been implemented in many area. This concept of rules can be used to manage user authorization in the large organization. It can be designed based on standard Role Based Access Control List (RBAC) or equivalent. Role access control list should be surrounding by module such as identification, authentication, authorization and auditing which can make the system effective. Role mining will help to define each task correctly in order to avoid conflict when the system establish. Once the identification is been provided system will authenticate based on active directory or through protected database based on hardware of software. A strong authentication and encrypted will increase user confident to access and employ role based system. The database can be located in the same system or it can be in different location. The structure of access control list and the relation with database will define the efficiency and performance of the system. Once the system is working an audit trail will be provided to check all processing and action. A good policy will defined the correct access to specific task. The management of role and policies will assist the access control list to perform as been intended to reduce potential risks and vulnerabilities by embed in the network or through VPN workflow. In this paper architecture, design and policy will be further discussed through the observation and recommendation to increase the maturity of access control in the organization.

Index Terms—Access control list, flexibility, role, security, embedded.

Sharipah Setapa is with MIMOS, Malaysia (e-mail: sharipah@mimos.my).

[PDF]

Cite: Sharipah Setapa and Tengku Puteri Suhilah, "An Access Control List for Role-Based System: An Observation and Recommendation," International Journal of Information and Education Technology vol. 4, no. 6, pp. 468-472, 2014.

Copyright © 2008-2016. International Journal of Information and Education Technology. All rights reserved.
E-mail: ijiet@ejournal.net