“Need‐to‐know” principle and fuzzy security clearances modelling | Emerald Insight
Advanced
search

To read this content please select one of the options below:

“Need‐to‐know” principle and fuzzy security clearances modelling

Lech J. Janczewski (Department of Management Science and Information Systems, The University of Auckland, Auckland, New Zealand)
Victor Portougal (Department of Management Science and Information Systems, The University of Auckland, Auckland, New Zealand)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 1 December 2000

1368

Abstract

The paper discusses the assignment of security clearances to employees in a security conscious organisation. New approaches are suggested for solving two major problems. First, full implementation of the “need‐to‐know” principle is provided by the introduction of data access statements (DAS) as part of an employee’s job description. Second, for the problem of setting up border points between different security clearances, the paper introduces a fuzzy set model. This model helps to solve this problem, effectively connecting it with the cost of security.

Keywords

Citation

Janczewski, L.J. and Portougal, V. (2000), "“Need‐to‐know” principle and fuzzy security clearances modelling", Information Management & Computer Security, Vol. 8 No. 5, pp. 210-217. https://doi.org/10.1108/09685220010356247

Publisher

:

MCB UP Ltd

Copyright © 2000, MCB UP Limited

Related articles

Manage cookies

All feedback is valuable

Please share your general feedback

Report an issue or find answers to frequently asked questions

Contact Customer Support