“Need‐to‐know” principle and fuzzy security clearances modelling

Lech J. Janczewski (Department of Management Science and Information Systems, The University of Auckland, Auckland, New Zealand)
Victor Portougal (Department of Management Science and Information Systems, The University of Auckland, Auckland, New Zealand)

Information Management & Computer Security

ISSN: 0968-5227

Publication date: 1 December 2000

Abstract

The paper discusses the assignment of security clearances to employees in a security conscious organisation. New approaches are suggested for solving two major problems. First, full implementation of the “need‐to‐know” principle is provided by the introduction of data access statements (DAS) as part of an employee’s job description. Second, for the problem of setting up border points between different security clearances, the paper introduces a fuzzy set model. This model helps to solve this problem, effectively connecting it with the cost of security.

Keywords

Citation

Janczewski, L. and Portougal, V. (2000), "“Need‐to‐know” principle and fuzzy security clearances modelling", Information Management & Computer Security, Vol. 8 No. 5, pp. 210-217. https://doi.org/10.1108/09685220010356247

Download as .RIS

Publisher

:

MCB UP Ltd

Copyright © 2000, MCB UP Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.