Welcome to the InfoSci Platform
Access Control for Web Service Applications: An Example in Collaborative Auditing

Access Control for Web Service Applications: An Example in Collaborative Auditing

Timon C. Du, Richard Hwang, Charles Ling-yu Chou
Copyright: © 2007 |Pages: 22
ISBN13: 9781591406785|ISBN10: 1591406781|ISBN13 Softcover: 9781591406792|EISBN13: 9781591406808
DOI: 10.4018/978-1-59140-678-5.ch010
Cite Chapter Cite Chapter

MLA

Du, Timon C., et al. "Access Control for Web Service Applications: An Example in Collaborative Auditing." Advances in Electronic Business, Volume 2, edited by Eldon Y. Li and Timon C. Du, IGI Global, 2007, pp. 244-265. https://doi.org/10.4018/978-1-59140-678-5.ch010

APA

Du, T. C., Hwang, R., & Chou, C. L. (2007). Access Control for Web Service Applications: An Example in Collaborative Auditing. In E. Li & T. Du (Eds.), Advances in Electronic Business, Volume 2 (pp. 244-265). IGI Global. https://doi.org/10.4018/978-1-59140-678-5.ch010

Chicago

Du, Timon C., Richard Hwang, and Charles Ling-yu Chou. "Access Control for Web Service Applications: An Example in Collaborative Auditing." In Advances in Electronic Business, Volume 2, edited by Eldon Y. Li and Timon C. Du, 244-265. Hershey, PA: IGI Global, 2007. https://doi.org/10.4018/978-1-59140-678-5.ch010

Export Reference

Mendeley
Favorite

Abstract

Given the rapid changes in the information technologies, the issue of information securities and company’s internal controls has become very critical to both internal and external auditors. Recently, external auditors are under pressure to provide real-time assurance. Movement of this kind has complicated as to when and how to grant the access privileges to external auditors. In addition, when there is a high degree of collaborative relationship among organizations, the collaborators need to establish policies of auditors’ access controls and set up conditions and constraints for security and confidentiality reasons. Since auditors among the collaborators have different seniority, the access privileges should be granted based on the seniority of the auditors in the collaborative team members. In contrast, the growth of Web service becomes a new paradigm to provide collaborative auditing service via Web. The access control issue is a crucial issue for the future collaboration. In this study, we propose a role-based Chinese Wall model, which organizes the corporate data into four different types of control groups with different access control policies, for the auditors to access the data among collaborating enterprises. Using the vendor-managed inventories (VMI) example, the study discusses how auditing tasks can be performed under the proposed access control environment. To ensure the functionality of the proposed framework, the study uses Oracle software to demonstrate the feasibility of the model.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.