Incorporating Policy-Based Authorization Framework in Audit Rule Ontology for Continuous Process Auditing in Complex Distributed Systems

机译：将基于策略的授权框架纳入审核规则本体中，以进行复杂分布式系统中的连续过程审核

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Complex distributed information systems that run their activities in the form of processes require continuous auditing of a process that invokes the action(s) specified in the policies and rules in a continuous manner. A shared vocabulary, or common ontology, used to defined the processes, and the audit rule ontology for processes or modules are integrated to form a hybrid ontology that supports the acquisition and evolution of ontologies. A methodology to construct a Common Ontology and an audit rule ontology by coupling to an expert system for Continuous Process Auditing (CPA) has been introduced recently. In this paper, we present a policy-based authorization methodology incorporating Audit Rule Ontology for CPA within distributed audit rule ontology. We also propose the use of probabilistic risk determination and evaluation of risk level, along with access history heuristics that define the adaptable access control policies before making policy decisions.

机译：以流程形式运行其活动的复杂的分布式信息系统需要对流程进行连续审核，该流程以连续的方式调用策略和规则中指定的操作。用于定义流程的共享词汇或通用本体，以及用于流程或模块的审核规则本体被集成以形成支持本体的获取和演化的混合本体。最近已经引入了一种方法，该方法可通过与连续过程审核（CPA）的专家系统耦合来构建通用本体和审核规则本体。在本文中，我们提出了一种基于策略的授权方法，该方法将CPA的审核规则本体纳入了分布式审核规则本体中。我们还建议使用概率风险确定和风险级别评估，以及在做出政策决定之前定义可适应性访问控制策略的访问历史试探法。

著录项

来源
《International conference on cooperative information systems;International conference on the move to meaningful internet systems;International conference on ontologies, databases, and applications of semantics;International workshop on information systems in distributed environment;Workshop on methods, evaluation, tools and applications for the creation and consumption of structured data for the e-society;Workshop on mobile and social computing for collaborative interactions;Workshop on ontology content;Workshop on cloud and trusted computing;Workshop on enterprise integration, interoperability and networking;Workshop on industrial and business applications of semantic web technologies;Workshop on the move academy;Workshop on industry case studies program》|2014年|367-376|共10页
会议地点 Amantea(IT)
作者
Numanul Subhani; Robert Kent;
展开▼
作者单位

School of Computer Science University of Windsor 401 Sunset Ave Windsor Ontario N9B 3P4;

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Policy-based Authorization; Continuous Process Auditing; Audit Rule Ontology; Authorization and Access Control; Semantic Web; Risk-Adaptive Access Control (RAdAC);

机译：基于策略的授权；连续过程审核；审核规则本体；授权和访问控制；语义网；风险自适应访问控制（RAdAC）;

相似文献

外文文献
中文文献
专利

1. A Study Of Audit Judgment In The Audit Process:Effects Of Obedience Pressures, TaskComplexity, And Audit Expertise –The Case OfPublic Accounting Firms In Sumatra-Indonesia [J] . Mudrika Alamsyah Hasan, Andreas International Journal of Scientific & Technology Research . 2019,第7期

机译：审计过程中的审计判断研究：服从压力，任务复杂性和审计专业知识的影响-以苏门答腊印度尼西亚的公共会计师事务所为例
2. Designing a Generic Information Systems Audit Framework to Improve the Quality of Audit in Higher Education [J] . Elfadil A. Mohamed, Elgilani El. Elshareif, Omer Ishag Eldai Mohamed Journal of computer sciences . 2019,第5期

机译：设计通用信息系统审计框架以提高高等教育的审计质量
3. Designing a Generic Information Systems Audit Framework to Improve the Quality of Audit in Higher Education [J] . Mohamed Elfadil A., Elshareif Elgilani El., Eldai Mohamed Omer Ishag Journal of computer sciences . 2019,第5期

机译：设计通用信息系统审核框架以提高高等教育的审核质量
4. Continuous process auditing (CPA): An audit rule ontology based approach to audit-as-a-service [C] . Subhani Numanul, Kent Robert D. Annual IEEE International Systems Conference . 2015

机译：连续过程审核（CPA）：基于审核规则本体的方法即服务审计
5. Towards a Continuous Process Auditing Framework (Case study in Healthcare Auditing and Decision Support - Infection Regime Control Survey). [D] . Zahid, Atif Hasan. 2012

机译：迈向连续过程审核框架（医疗保健审核和决策支持中的案例研究-感染状况控制调查）。
6. SSIF: Subsumption-based Sub-term Inference Framework to audit Gene Ontology [O] . Rashmie Abeysinghe, Eugene W Hinderer, III, -1

机译：SSIF：用于审计基因本体的基于包容的子项推断框架
7. Towards a Continuous Process Auditing Framework (Case study in Healthcare Auditing and Decision Support - Infection Regime Control Survey) [O] . Zahid Atif 2012

机译：迈向连续过程审核框架（医疗保健审核和决策支持中的案例研究-感染状况控制调查）
8. Analysis of EPA (Environmental Protection Agency) Protocol Gases Used for Calibration and Audits of Continuous Emission Monitoring Systems and Ambient Air Analyzers - Results of Audit 6 [R] . Wright, R. S. , Tew, E. L. , Decker, C. E. , 1985

机译：用于连续排放监测系统和环境空气分析仪校准和审核的Epa（环境保护局）协议气体分析 - 审核结果6

Incorporating Policy-Based Authorization Framework in Audit Rule Ontology for Continuous Process Auditing in Complex Distributed Systems

摘要

著录项

相似文献

相关主题

期刊订阅