• May 14, 2019 News!IJIET Vol. 7, No. 9-Vol. 8, No. 8 have been indexed by EI (Inspec).   [Click]
  • Apr 15, 2019 News![Call for Papers] Special Issue on Education, Research and Innovation   [Click]
  • May 22, 2019 News!Vol. 9, No. 5 has been indexed by Crossref.
General Information
    • ISSN: 2010-3689 (online)
    • Abbreviated Title: Int. J. Inf. Educ. Technol.
    • Frequency: Monthly
    • DOI: 10.18178/IJIET
    • Editor-in-Chief: Prof. Dr. Steve Thatcher
    • Executive Editor: Ms. Nancy Y. Liu
    • Abstracting/ Indexing: Scopus (Since 2019), EI(INSPEC, IET), EBSCO, Electronic Journals Library, Google Scholar, Crossref, etc.
    • E-mail: ijiet@ejournal.net
Prof. Dr. Steve Thatcher
QUniversity, Australia
It is my honor to be the editor-in-chief of IJIET. The journal publishes good-quality papers which focous on the advanced researches in the field of information and education technology. Hopefully, IJIET will become a recognized journal among the scholars in the related fields.

IJIET 2014 Vol.4(6): 468-472 ISSN: 2010-3689
DOI: 10.7763/IJIET.2014.V4.452

An Access Control List for Role-Based System: An Observation and Recommendation

Sharipah Setapa and Tengku Puteri Suhilah
Abstract—Access control list have been implemented in many area. This concept of rules can be used to manage user authorization in the large organization. It can be designed based on standard Role Based Access Control List (RBAC) or equivalent. Role access control list should be surrounding by module such as identification, authentication, authorization and auditing which can make the system effective. Role mining will help to define each task correctly in order to avoid conflict when the system establish. Once the identification is been provided system will authenticate based on active directory or through protected database based on hardware of software. A strong authentication and encrypted will increase user confident to access and employ role based system. The database can be located in the same system or it can be in different location. The structure of access control list and the relation with database will define the efficiency and performance of the system. Once the system is working an audit trail will be provided to check all processing and action. A good policy will defined the correct access to specific task. The management of role and policies will assist the access control list to perform as been intended to reduce potential risks and vulnerabilities by embed in the network or through VPN workflow. In this paper architecture, design and policy will be further discussed through the observation and recommendation to increase the maturity of access control in the organization.

Index Terms—Access control list, flexibility, role, security, embedded.

Sharipah Setapa is with MIMOS, Malaysia (e-mail: sharipah@mimos.my).


Cite: Sharipah Setapa and Tengku Puteri Suhilah, "An Access Control List for Role-Based System: An Observation and Recommendation," International Journal of Information and Education Technology vol. 4, no. 6, pp. 468-472, 2014.

Copyright © 2008-2019. International Journal of Information and Education Technology. All rights reserved.
E-mail: ijiet@ejournal.net