Deriving authorizations from process analysis in legacy information systems

被引:0
|
作者
Castano, S
Fugini, MG
机构
关键词
discretionary access control; authorization analysis; legacy information systems;
D O I
暂无
中图分类号
F [经济];
学科分类号
02 ;
摘要
The problem of analyzing security requirements is to be addressed in legacy systems when planned restructuring interventions involve also security aspects. In this paper, we propose a three-level model for authorization analysis and an associated method to extract authorizations from legacy systems. The model allows the security administrator to analyze process authorizations for database accesses at different granularity levels of the involved data. The connection between processes and user roles within organizational units of the legacy system are discussed. The initial results of an experimentation of the approach on a set of processes and databases of the Italian Public Administration information systems are presented.
引用
收藏
页码:56 / 67
页数:12
相关论文
共 50 条
  • [31] A Corporative Information System: from Legacy Systems to Executive Digital Dashboards
    Mejia-Lavalle, Manuel
    Arroyo-Figueroa, Gustavo
    [J]. CERMA: 2009 ELECTRONICS ROBOTICS AND AUTOMOTIVE MECHANICS CONFERENCE, 2009, : 63 - 68
  • [32] A DevOps Introduction Process for Legacy Systems
    Cruz, Vinicius Lima
    Albuquerque, Adriano Bessa
    [J]. 2018 XLIV LATIN AMERICAN COMPUTER CONFERENCE (CLEI 2018), 2018, : 139 - 148
  • [33] An Incremental Process Mining Approach to Extract Knowledge from Legacy Systems
    Kalsing, Andre Cristiano
    do Nascimento, Gleison Samuel
    Iochpe, Cirano
    Thom, Lucineia Heloisa
    [J]. 2010 14TH IEEE INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE (EDOC 2010), 2010, : 79 - 88
  • [34] Deriving requirements for integrated and standardised cadastre profile from the legacy Board of Revenue and the contemporary land administration systems
    Ahsan, Muhammad Sheraz
    Hussain, Ejaz
    Lemmen, Christiaan
    Zevenbergen, Jaap
    Atif, Salman
    Chipofya, Malumbo
    Ali, Zahir
    Morales, Javier
    Koeva, Mila
    [J]. SURVEY REVIEW, 2024,
  • [35] An Analysis of the Process of Information Realization in Information Systems based on Hermeneutics and Semiotics
    Wang, Sufen
    Hu, Xiaohong
    Feng, Junkang
    [J]. INFORMATION SYSTEMS IN THE CHANGING ERA: THEORY AND PRACTICE, 2009, : 166 - +
  • [36] Breaking or keeping the habits: exploring the role of legacy habits in the process of discontinuing organisational information systems
    Rezazade Mehrizi, Mohammad H.
    van den Hooff, Bart
    Yang, Chaoran
    [J]. INFORMATION SYSTEMS JOURNAL, 2022, 32 (01) : 192 - 221
  • [37] Deriving Information Requirements from Responsibility Models
    Sommerville, Ian
    Lock, Russell
    Storer, Tim
    Dobson, John
    [J]. ADVANCED INFORMATION SYSTEMS ENGINEERING, PROCEEDINGS, 2009, 5565 : 515 - 529
  • [38] Paracelsus' legacy in the faunal realm: Drugs deriving from animal toxins
    Fischer, Thomas
    Riedl, Rainer
    [J]. DRUG DISCOVERY TODAY, 2022, 27 (02) : 567 - 575
  • [39] Competitive agility and the challenge of legacy information systems
    Reddy, SB
    Reddy, R
    [J]. INDUSTRIAL MANAGEMENT & DATA SYSTEMS, 2002, 102 (1-2) : 5 - 16
  • [40] Performance evaluation and prediction for legacy information systems
    Jin, Yan
    Tang, Antony
    Han, Jun
    Liu, Yan
    [J]. ICSE 2007: 29TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, PROCEEDINGS, 2007, : 540 - +