TY - JOUR
T1 - Managing data security in e-markets through relationship driven access control
AU - Wang, Harry Jiannan
AU - Zhao, J. Leon
AU - Chen, Guoqing
PY - 2012/4
Y1 - 2012/4
N2 - Data security in e-markets is vital to maintaining trust among trading partners. In an e-market, companies must share information to improve operational efficiency in their supply chains, while at the same time, access to sensitive information by rival companies should be prevented. In today's highly dynamic business environment, the relationships among companies in e-markets are constantly changing while these relationships determine how company information should be shared with other companies. In this paper, the authors show that existing access control models are not designed for managing data security in e-markets with dynamic company relationships and propose a Relationship Driven Access Control (RDAC) model to provide a better solution. In particular, the authors design a rule-based approach for managing dynamic company relationships and a secure query processing mechanism to filter shared information based on company relationships. A prototype system is developed to demonstrate and validate the authors' RDAC model. Copyright © 2012, IGI Global.
AB - Data security in e-markets is vital to maintaining trust among trading partners. In an e-market, companies must share information to improve operational efficiency in their supply chains, while at the same time, access to sensitive information by rival companies should be prevented. In today's highly dynamic business environment, the relationships among companies in e-markets are constantly changing while these relationships determine how company information should be shared with other companies. In this paper, the authors show that existing access control models are not designed for managing data security in e-markets with dynamic company relationships and propose a Relationship Driven Access Control (RDAC) model to provide a better solution. In particular, the authors design a rule-based approach for managing dynamic company relationships and a secure query processing mechanism to filter shared information based on company relationships. A prototype system is developed to demonstrate and validate the authors' RDAC model. Copyright © 2012, IGI Global.
KW - Access Control Model
KW - Data Security
KW - E-Market
KW - Relationship Driven Access Control
KW - Rule Engine
KW - Supply Chain Management
UR - http://www.scopus.com/inward/record.url?scp=84868093927&partnerID=8YFLogxK
UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-84868093927&origin=recordpage
U2 - 10.4018/jdm.2012040101
DO - 10.4018/jdm.2012040101
M3 - RGC 21 - Publication in refereed journal
SN - 1063-8016
VL - 23
SP - 1
EP - 21
JO - Journal of Database Management
JF - Journal of Database Management
IS - 2
ER -