Operative vs. Technical Role Management in Emergency Organizations

Operative vs. Technical Role Management in Emergency Organizations

Taina Kurki (University of Eastern Finland, Finland) and Hanna-Miina Sihvonen (University of Eastern Finland, Finland)
DOI: 10.4018/jiscrm.2012040102

Abstract

Operative role management relates to delegating the right roles to the right resources at a specific moment. Role management is commonly understood as technical role management, relating to access control and administrative role management. Operative role management is the practical daily work of emergency organizations’ personnel and relates to overall resource management. The authors have carried out in-depth ethnographic research on the topic and distinguish the difference between operative and technical role management. The research for this paper concentrates on the practical work processes of the emergency management staff and not merely on the information systems and their functionalities. They focus on describing the interdependencies between the two role management approaches with examples from our field studies and findings from literature.
Article Preview

Introduction And Background

Commonly, role management refers to an organization's capability to manage in the roles each employee performs as part of his or her job functions. In technological terms, role management relates to managing access control/authorization and specifying the resources the users are allowed to access in an application or computer system (Aedo, Diaz, & Sanz, 2006; Al-Kahtani & Sandhu, 2002; Ferraiolo, Kuhn, & Chandramouli, 2007). RBAC (Role-Based Access Control) regulates the access to resources and computer system objects based on the roles defined in an organization (Sanz, Aedo, Diaz, & de Castro, 2006; Ferraiolo, Kuhn, & Chandramouli, 2007). The key RBAC hypothesis is that roles and related responsibilities are much more persistent than users (Sanz et al., 2006; Aedo et al., 2006). After the responsibilities of an organization are defined, they rarely change. Usually, what changes is the user or users that work with a specific responsibility in a specific situation. Much of the research is based on RBAC, its mechanisms and extensions (Sanz, Gómez Bello, Díaz, Sainz, & Aedo, 2007; Haibin & MengChu, 2006; Aedo et al., 2006; Tahir, 2007), such as context-aware dynamic access control (Kim et al., 2005; Zhang & Parashar, 2004) or attribute-based user-role assignment (Al-Kahtani & Sandhu, 2002).

In multi-authority emergency situations where collaboration between authorities emerges, it is often necessary to share information within or between organizations. The organizations have implemented various information and communication systems to support the activities in the command and control rooms as well as in-the-field actions (Mehrotra, Butss, Klashnikov, & Venkatasubramanian, 2004; Sanz et al., 2007; Smirnov, Pashkin, Levashova, Shilov, & Kashevnik, 2007). The information technology challenges focus on the systems and procedures to get the right information to the right person at the right time (Sanz et al., 2007; Ianella & Henricksen, 2007). RBAC can be used to control information sharing in the systems and solve some of the information sharing obstacles. However, RBAC still requires improvements to function in a dynamic environment. Moreover, challenges are caused by relatively low integration of information and communication technologies in the emergency management field (Wybo & Lonka, 2002).

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 11: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 10: 4 Issues (2018): Forthcoming, Available for Pre-Order
Volume 9: 4 Issues (2017): 3 Released, 1 Forthcoming
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing