Access Control for Web Service Applications: An Example in Collaborative Auditing

Access Control for Web Service Applications: An Example in Collaborative Auditing

Timon C. Du (The Chinese University of Hong Kong, China), Richard Hwang (California State University - San Marcos, USA) and Charles Ling-yu Chou (The Chinese University of Hong Kong, China)
Copyright: © 2007 |Pages: 22
DOI: 10.4018/978-1-59140-678-5.ch010
OnDemand PDF Download:


Given the rapid changes in the information technologies, the issue of information securities and company’s internal controls has become very critical to both internal and external auditors. Recently, external auditors are under pressure to provide real-time assurance. Movement of this kind has complicated as to when and how to grant the access privileges to external auditors. In addition, when there is a high degree of collaborative relationship among organizations, the collaborators need to establish policies of auditors’ access controls and set up conditions and constraints for security and confidentiality reasons. Since auditors among the collaborators have different seniority, the access privileges should be granted based on the seniority of the auditors in the collaborative team members. In contrast, the growth of Web service becomes a new paradigm to provide collaborative auditing service via Web. The access control issue is a crucial issue for the future collaboration. In this study, we propose a role-based Chinese Wall model, which organizes the corporate data into four different types of control groups with different access control policies, for the auditors to access the data among collaborating enterprises. Using the vendor-managed inventories (VMI) example, the study discusses how auditing tasks can be performed under the proposed access control environment. To ensure the functionality of the proposed framework, the study uses Oracle software to demonstrate the feasibility of the model.

Complete Chapter List

Search this Book:
Table of Contents
Eldon Y. Li
Eldon Y. Li, Timon C. Du
Chapter 1
Charles Ling-yu Chou
This chapter introduces the incentives for the creation of the Semantic Web, the methodology for its development, and the current status of this... Sample PDF
From World Wide Web to Semantic Web
Chapter 2
Farshad Hakimpour, Suo Cong, Daniela E. Damm
This chapter introduces the emerging technology of Semantic Web services. It concentrates on two dominant specifications in this domain, namely... Sample PDF
Semantic Descriptions of Web Services
Chapter 3
Sam Lee
This chapter introduces an approach to the development of intelligent Semantic Web services, which are envisioned as system cells that actively... Sample PDF
Developing Intellingent Semantic Web Services
Chapter 4
Quan Thanh Tho, Hui Siu Cheung, A. C.M. Fong
This chapter discusses Semantic Web support for customer services. Customer service support is an important operation for most multinational... Sample PDF
Semantic Web Support for Customer Services
Chapter 5
Wan-Yeung Wong, Tak-Pang Lau, Irwin King, Michael R. Lyu
This chapter gives a tutorial on resource description framework (RDF), its XML representation, and Jena, a set of Java-based API designed and... Sample PDF
A Tutorial on RDF with Jena
Chapter 6
José-Manuel Lopez-Cobo, Sinuhé Arroyo, Miguel-Angel Sicilia, Salvador Sanchez
The evolution of learning technology standards has resulted in a degree of interoperability across systems that enable the interchange of learning... Sample PDF
A Semantic Web Service Architecture for Learing Object Repositories
Chapter 7
Shiu-li Huang, Fu-ren Lin
This chapter designs a multi-agent argumentation system for e-commerce. This system applies Semantic Web technology to facilitate agents to share... Sample PDF
Using Semantic Web to Facilitate Agent-to-Agent Argumentation for e-Commerce
Chapter 8
Timon C. Du, Eldon Y. Li
Business process management systems such as the workflow management system and the enterprise application integration system manage process flow on... Sample PDF
Building Dynamic Business Process in P2P Semantic Web
Chapter 9
Cheng-Jye Luh, Lin-Chih Chen
This chapter presents an intelligent metasearch engine that can recommend a user’s next hyperlink access and relevant paragraphs extracted from... Sample PDF
An Intelligent Metasearch Engine with Link Prediction and Page Clipping Generation Capabilities
Chapter 10
Timon C. Du, Richard Hwang, Charles Ling-yu Chou
Given the rapid changes in the information technologies, the issue of information securities and company’s internal controls has become very... Sample PDF
Access Control for Web Service Applications: An Example in Collaborative Auditing
Chapter 11
Amanda Spink, Robert M. Wolfe, Bernard J. Jansen
This chapter discusses issues related to semantics and the medical Web. Much health information is available on the Web, but not always effectively... Sample PDF
Semantics and the Medical Web: Towards Effective Medical Healthcare Search
Chapter 12
Hsi-Chieh Lee, Szu-Wei Huang, Eldon Y. Li
This study proposes a mining system for finding protein-to-protein interaction literatures from the databases on the Internet. In this system, we... Sample PDF
Web Mining for Protein-to-Protein Interaction Information
Chapter 13
Arijit Sengupta, Henry Kim
We present SWAP (Semantic Web application pyramid), a framework for incorporating ontologies in data-oriented semantic Web applications. We have... Sample PDF
SWAP - A Framework for Ontology Support in Semantic Web Applications
About the Authors