Question

Definitions:

subject: In the context of access control, an entity capable of accessing objects

object: In the context of access control, a resource to which access is controlled.

role-based access control: Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.

Consider a private organization's information system where local restaurant health grades are processed and stored. Only authorized individuals such as those from the food quality department can update these health grades.

a) List three subjects in this system and identify their roles.

b) List three objects in this system and provide a description of what is stored in each object.

c) Assuming the system uses role-based access control, discuss the three constraints (mutually exclusive roles, cardinality, and prerequisite roles) that should be considered.

Solutions

Expert Solution

Subjects:

(1) Private organization – the entity which has access to the data of small restaurants

(2) Food Quality Department – the entity which has access over the health grades.

(3) Local restaurants – the entity which has access to having standard food.

Objects:

(1) Data – the data of the health grades of local restaurants, such as the name of the restaurant, date of inspection, etc., by the private organization.

(2) Information system (software) – the information system of the private organization in which the data of health grades are stored and processed.

(3) Hardware – the hardware used to set up the private organization's information system.

Role-based access control:

(1) Health grades standards – it is a prerequisite constraint set up by the food quality department to measure the grades of the food quality of local restaurants.

(2) Authorized individual – only a limited number of individuals can update the health grades of local restaurants; this is an exclusive role constraint.

(3) Health grades – it is a set of a specific number of grades that will be provided to the local restaurants, which comes under the cardinality constraint.
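The three RBAC constraints named in part (c), enforced at role-assignment time, shown as an added example that is not part of the original question or solution. The role names (`grade_editor`, `grade_auditor`, `department_head`), the user names and the limit of one department head are assumptions chosen for illustration.

```python
class ConstraintViolation(Exception):
    """Raised when a role assignment would break an RBAC constraint."""

class RoleAssignments:
    def __init__(self, exclusive_sets, max_users, prerequisites):
        self.exclusive_sets = exclusive_sets  # sets of roles; a user may hold one per set
        self.max_users = max_users            # role -> maximum number of holders
        self.prerequisites = prerequisites    # role -> role that must already be held
        self.roles_of = {}                    # user -> set of assigned roles

    def holders(self, role):
        return {u for u, roles in self.roles_of.items() if role in roles}

    def assign(self, user, role):
        held = self.roles_of.get(user, set())
        if role in held:
            return
        for group in self.exclusive_sets:      # mutually exclusive roles
            if role in group and held & (group - {role}):
                raise ConstraintViolation("mutually exclusive")
        limit = self.max_users.get(role)       # cardinality
        if limit is not None and len(self.holders(role)) >= limit:
            raise ConstraintViolation("cardinality")
        needed = self.prerequisites.get(role)  # prerequisite role
        if needed is not None and needed not in held:
            raise ConstraintViolation("prerequisite")
        self.roles_of.setdefault(user, set()).add(role)

def demo():
    # Constructed policy for the health-grade system (all names are assumptions).
    rbac = RoleAssignments(
        exclusive_sets=[{"grade_editor", "grade_auditor"}],
        max_users={"department_head": 1},
        prerequisites={"department_head": "grade_editor"},
    )
    requests = [("alice", "grade_editor"), ("alice", "grade_auditor"),
                ("bob", "department_head"), ("alice", "department_head"),
                ("carol", "grade_editor"), ("carol", "department_head")]
    outcome = []
    for user, role in requests:
        try:
            rbac.assign(user, role)
            outcome.append((user, role, "granted"))
        except ConstraintViolation as why:
            outcome.append((user, role, "denied: " + str(why)))
    return outcome

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Each denied request in `demo()` trips exactly one constraint, so the output shows which rule blocks which assignment.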

