
METHODOLOGIES FOR SECURE INFORMATION SYSTEM DESIGN FOR ORGANIZATIONS

by N Duraipangian




Institution: Anna University
Department: Computer science
Year: 2009
Keywords: task based access control (TBAC); classification schemes; Computer networks; control models; discretionary access control (DAC); mandatory access control (MAC); methodologies; organization; project
Record ID: 1206304
Full text PDF: http://shodhganga.inflibnet.ac.in/handle/10603/17507


Abstract

Computer networks are increasingly being used by organizations to eliminate the use of paper in their offices. Along with this increased usage of computers comes the problem of protecting information. Protecting information is of paramount importance to an organization's progress, and in some cases, its survival too.

There is a strong need for developing new methodologies for a secure information system in organizations; in particular, new access control models, or extensions of the existing ones, to neutralize security threats and address the diverse security requirements of organizations.

Several models have been proposed to address the access control requirements. Traditional access control models are broadly categorized as discretionary access control (DAC) and mandatory access control (MAC) models. New models such as role-based access control (RBAC), context based access control (CBAC) or task based access control (TBAC) models have been proposed to address these security requirements. None of these models is able to address the problem of insider threats. In this thesis this issue is addressed by dynamic reclassification of information security levels.

Data classification schemes have long been used to secure confidential and private information. The importance of information changing over time is seen in many real world situations. For example, in an organization users are shifted from one domain to another, and from one project to another. Many new projects are added and previous ones are completed and shelved. In all these cases, proper information access classification is to be ensured to prevent unauthorized access. In the existing information security models, information classification is static, and it is not sufficient in the current scenario where dynamic classification is needed. For this dynamic update, criteria such as file usage profile and organization specific data are used.

Another important issue is managing delegation in digital information management.