Making the value of data determine the security: A case study of rural business process outsourcing

Singh, Reena and Gonsalves, T A (2018) Making the value of data determine the security: A case study of rural business process outsourcing. Journal of Information Security and Applications, 44 (2). pp. 104-116. ISSN 2214-2126

[img] PDF
5715.pdf - Published Version
Restricted to Registered users only

Download (2MB) | Request a copy


In recent times, a lot of data sharing happen over the Internet. Thus working of the network becomes an important factor for data access. Some scenarios require a user to finish a task on the assigned data within a particular time limit. However, the network access may be intermittent if the user accesses the data over mobile network or low-bandwidth wireless network. This affects the time taken to complete the task. Rural business process outsourcing is one such example. It involves data of low value such as insurance forms, data entry forms etc. for which the restriction of network availability at all times of access can be relaxed. This approach follows the principle of “good-enough security”which recommends that an adequate security measure should depend on the cost of data. Existing models mandate network availability for authorisation. In this work, we propose a network-aware role-based access control (NA- RBAC) model. NA-RBAC facilitates network-aware access and supports user authorisation in the absence of network connectivity. We present its formal specification and verify security properties. We compare the performance of NA-RBAC with RBAC using analytical models and simulations. Simulations show that NA-RBAC scores over RBAC in the presence of network disconnections. Further, we implement NA-RBAC model for RBPO scenario and present results.

Item Type: Article
Uncontrolled Keywords: Access control
Subjects: Engineering > MIT Manipal > Information and Communication Technology
Depositing User: MIT Library
Date Deposited: 10 Jan 2019 04:31
Last Modified: 10 Jan 2019 04:31

Actions (login required)

View Item View Item