IDEAS home Printed from https://ideas.repec.org/a/ids/ijbisy/v7y2011i1p60-77.html
   My bibliography  Save this article

Incorporating social-cultural contexts in role engineering: an activity theoretic approach

Author

Listed:
  • Manish Gupta
  • Raj Sharman

Abstract

Roles are convenient and powerful concept for facilitating access to distributed systems and for enforcing access management polices. Role-based access control (RBAC) is one of the most convenient and widely used role engineering models across enterprises. However, traditional role design process only factors in functional and job requirements of any user. Several threats arise due to insecure and inefficient design of roles when social and interaction dynamics in an organisational setting are ignored, where most activities are carried out a dynamic environment. Activity theory (AT) is one of the most applied and researched theories in context of understanding human actions, interactions with environments and dynamics against different social entities. The first section of the paper presents an overview of role engineering and AT concepts. Building on the concepts, the paper then presents methods in which AT can be applied for efficient and secure role engineering processes. A case study, carried out at a US based midsize financial institution, is also presented to demonstrate: 1) how traditional role engineering processes give way to threats; 2) how using AT methods can uncover some of the risks in role engineering process to mitigate risks.

Suggested Citation

  • Manish Gupta & Raj Sharman, 2011. "Incorporating social-cultural contexts in role engineering: an activity theoretic approach," International Journal of Business Information Systems, Inderscience Enterprises Ltd, vol. 7(1), pages 60-77.
    • Handle: RePEc:ids:ijbisy:v:7:y:2011:i:1:p:60-77
    as

    Download full text from publisher

    File URL: http://www.inderscience.com/link.php?id=37297
    Download Restriction: Access to full text is restricted to subscribers.
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:ids:ijbisy:v:7:y:2011:i:1:p:60-77. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sarah Parker (email available below). General contact details of provider: http://www.inderscience.com/browse/index.php?journalID=172 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.