"Need-to-know" principle and fuzzy security clearances modelling
The paper discusses the assignment of security clearances to employees in a security conscious organisation. New approaches are suggested for solving two major problems. First, full implementation of the "need-to-know" principle is provided by the introduction of data access statements (DAS) as part of an employee's job description. Second, for the problem of setting up border points between different security clearances, the paper introduces a fuzzy set model. This model helps to solve this problem, effectively connecting it with the cost of security.
No Reference information available - sign in for access.
No Citation information available - sign in for access.
No Supplementary Data.
No Article Media