research-article

Free Access

Internal Access Controls: Trust, but Verify

Author:
Geetanjali Sampemane

Google

Google
View Profile

Authors Info & Claims

Queue Volume 12 Issue 11November 2014pp 30–34https://doi.org/10.1145/2693193.2697395

Published:15 November 2014Publication History

Queue

Abstract

Every day seems to bring news of another dramatic and high-profile security incident, whether it is the discovery of longstanding vulnerabilities in widely used software such as OpenSSL or Bash, or celebrity photographs stolen and publicized. There seems to be an infinite supply of zero-day vulnerabilities and powerful state-sponsored attackers. In the face of such threats, is it even worth trying to protect your systems and data? What can systems security designers and administrators do?

References

Computer Security Resource Center. 2014. Role based access control (RBAC) and role based security. National Institute of Standards and Technology, Computer Security Division; http://csrc.nist.gov/groups/SNS/rbac/.Google Scholar
Hockenson, L. Facebook explains the cause behind its early Thursday downtime. Gigaom; https://gigaom.com/2014/06/19/facebook-explains-the-cause-behind-its-early-thursday-downtime/.Google Scholar
Moscaritolo, A. 2014. Verizon billing system hit by major outage. PC Mag UK; http://uk.pcmag.com/news/33726/verizon-billing-system-hit-by-major-outage.Google Scholar
Wikipedia. 2012 RBS Group computer system problems; http://en.wikipedia.org/wiki/2012_RBS_Group_computer_system_problems.Google Scholar

Index Terms

Internal Access Controls: Trust, but Verify
1. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Index terms have been assigned to the content through auto-classification.

Recommendations

The Impact of Information Technology Internal Controls on Firm Performance

Since the introduction of the Sarbanes-Oxley SOX Act in 2002, companies have begun to place more emphasis on information technology IT internal controls. IT internal controls are policies that provide assurance that technical systems operate as intended,...
Read More
Opportunistic spectrum access: challenges, architecture, protocols
WICON '06: Proceedings of the 2nd annual international workshop on Wireless internet

We consider the concept of opportunistic spectrum access (OSA) -- whereby radios identify unused portions of licensed spectrum, and utilize that spectrum without adverse impact on the primary licensees. OSA allows both dramatically higher spectrum ...
Read More
A Control-Data-Mapping Entity-Relationship Model for Internal Controls Construction in Database Design

The internal controls construction of a transaction system is important to management, operation and auditing. In the environment of manual operation, the internal controls of the transaction process are all done by manual mechanism. However, after the ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

Queue Volume 12, Issue 11
Concurrency
November 2014
34 pages
ISSN:1542-7730
EISSN:1542-7749
DOI:10.1145/2693193
Issue’s Table of Contents

Copyright © 2014 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 15 November 2014
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
- Popular
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 1
  Total Citations
  View Citations
- 24,086
  Total Downloads
- Downloads (Last 12 months)2,790
- Downloads (Last 6 weeks)330
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Internal Access Controls: Trust, but Verify

Queue

Abstract

References

Cited By

Index Terms

Recommendations

The Impact of Information Technology Internal Controls on Firm Performance

Opportunistic spectrum access: challenges, architecture, protocols

A Control-Data-Mapping Entity-Relationship Model for Internal Controls Construction in Database Design

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

HTML Format

Caption

Internal Access Controls: Trust, but Verify

Queue

Abstract

References

Cited By

Index Terms

Recommendations

The Impact of Information Technology Internal Controls on Firm Performance

Opportunistic spectrum access: challenges, architecture, protocols

A Control-Data-Mapping Entity-Relationship Model for Internal Controls Construction in Database Design

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

HTML Format

Share this Publication link

Share on Social Media