Identity Management and Control for Clouds

Yeluri, Raghu; Castro-Leon, Enrique

doi:10.1007/978-1-4302-6146-9_7

Cited by 5 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Along with the schemes developed in the authentication security layer, other protection mechanisms and practices in preventing unauthorized access to system and data resources can be implemented, including mandatory access control (MAC), discretionary access control (DAC), rule-based access control, physical access control, role-based access control, attribute-based access control, and policy-based access control, which are beyond the scope of this book chapter to discuss. However, the functionality and effectiveness of each approach are highly dependent on data regulations established by the organization [43,47].…”

Section: Planning Risk Responsementioning

confidence: 99%

A Review on Risk Management in Information Systems: Risk Policy, Control and Fraud Detection

Taherdoost

2021

Electronics

View full text Add to dashboard Cite

Businesses are bombarded with great deals of risks, vulnerabilities, and unforeseen business interruptions in their lifetime, which negatively affect their productivity and sustainability within the market. Such risks require a risk management system to identify risks and risk factors and propose approaches to eliminate or reduce them. Risk management involves highly structured practices that should be implemented within an organization, including organizational planning documents. Continuity planning and fraud detection policy development are among the many critically important practices conducted through risk management that aim to mitigate risk factors, their vulnerability, and their impact. Information systems play a pivotal role in any organization by providing many benefits, such as reducing human errors and associated risks owing to the employment of sophisticated algorithms. Both the development and establishment of an information system within an organization contributes to mitigating business-related risks and also creates new types of risks associated with its establishment. Businesses must prepare for, react to, and recover from unprecedented threats that might emerge in the years or decades that follow. This paper provides a comprehensive narrative review of risk management in information systems coupled with its application in fraud detection and continuity planning.

show abstract

Section: Planning Risk Responsementioning

confidence: 99%

A Review on Risk Management in Information Systems: Risk Policy, Control and Fraud Detection

Taherdoost

2021

Electronics

View full text Add to dashboard Cite

show abstract

“…Theoretically, an entity can have several different identity attributes [3]- [5]. IdM processes encompass the management of the entity identities and their authentication, authorization, roles, and privileges and permissions within or across system and enterprise boundaries [6]. IdMs aim to assure that the service provider (SP) will offer services to a trusted requester based on a pre-established trust relationship with the identity provider IdP to increase enterprises security and productivity.…”

Section: Introductionmentioning

confidence: 99%

Formulating A Global Identifier Based on Actor Relationship for the Internet of Things

Majeed

Al-Yasiri

2017

Interoperability, Safety and Security in IoT

View full text Add to dashboard Cite

The Internet of Things (IoT) promising a new generation of services been offered to a human being through a world of interconnected objects (called "things") that may use different communication technologies. Objects, in IoT, are seamlessly connected on its owner/user behalf. To offer services, the service providers need to truly identify the effective actor/user rather than the communicated devices. Currently, users have relationships with multiple objects that can also be used to determine their user. These relationships between actors are changeable or may even vanish; however, they are important to distinguish the actual requester of the service. Hence, it is important to consider them when identifying the effective actor of the communicated object. This paper models these relationships, representing them in a general form, and proposes a new semantic identifier format that allows service providers to identify the service requester identity across domains based on those relationships.

show abstract