A Framework for a File View Model in Intranets

摘要

Today, a new security problem is arising in intranets. The threats from inside an organization account for a rapidly increasing proportion of losses. The DAC (Discretionary Access Control) model, which is the primary access control mechanism in most intranets, is main responsibility for this state of affairs. Users can make a duplicate of a confidential document for which they only have read authorization. They can then grant access rights the replication to others who did not previously have authorization. This transformation of authorizations would result in the contents being divulged to unauthorized users. This paper proposes a concept of ȁC;File ViewȁD; to solve this security problem in intranets. First, the paper proposes a hierarchy of file views which are used to structure availability of reference to database views. However there are some challenges in extending this proposal to file systems because of differences between the two. The paper proposes a framework for a file view model to solve these challenges. Finally, under three assumptions, it discusses access control and proposes read and write process algorithms for secured access in this framework.