Security moving from database systems to ERP systems

Author

van de Riet, R. ; Janssen, Wouter ; De Gruijter, Peter

Author_Institution

CASC-Deloitte & Touche, Amsterdam, Netherlands

fYear

1998

fDate

25-28 Aug 1998

Firstpage

273

Lastpage

280

Abstract

Usage of Information Systems moves from a central database system with many application programs to fully integrated systems with which an enterprise is handling many of its information and communication problems (ERP). In this paper we study how these systems deal with the security issue; we see that on the one hand by moving the security from the database level to the ERP level, advantages by having centrally defined and maintained security rules get lost, on the other hand it is possible to exploit WorkFlow Management (WFM) techniques to define security procedures more properly, such that the “separation of duty” principle can be applied. We demonstrate this on the tricky security rules for the security employees themselves

Keywords

database management systems; management information systems; security of data; ERP level; database level; enterprise resource planning; fully integrated systems; separation of duty; workflow management; Access control; Automation; Collaborative software; Collaborative work; Communication system security; Data security; Database systems; Enterprise resource planning; Read only memory; Resource management;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 1998. Proceedings. Ninth International Workshop on

Conference_Location

Vienna

Print_ISBN

0-8186-8353-8

Type

conf

DOI

10.1109/DEXA.1998.707413

Filename

707413