E-Store Management Using Bell-LaPadula Access Control Security Model

Saida Nafisah Roslan, Isredza Rahmi A Hamid, Palaniappan Shamala

Abstract


Generally, the existing store management system does not provide any access control mechanism in order to manage resources. All levels of user have the same right to access the store and borrow the equipment. Therefore, the E-Store management system using Bell-LaPadula access control model was proposed. The prototyping methodology was used to develop the system because methodology model is quickly constructed to test or illustrate design features and ideas, in order to gather user feedback. Moreover, the system is built using hypertext processor (PHP) language. The E-Store system has three types of users, which are known as top management of Welding Department, lecturers and students. The user’s access control is divided by high-level privilege to lower-level privilege. Therefore, each user will have different login interface according to their role and access right to the system. Through the system, high-level user manages in and out equipment flow, manages authorization, view history log in activity and verify complaint report. Lower-level user can view list of equipment, report complaint and damage equipment and borrow equipment. The E-Store management system is expected to manage the store effectively and reduced redundancy issues of equipment requested. The user access right has been assigned based on their access level.

Keywords


Bell-LaPadula , access control security model, E-store, management.

Full Text:

PDF

References


Schinagl, S., Paans, R., and Schoon, K. (2016). “The revival of ancient information security models, insight in risks and selection of measures,” Proc. Annu. Hawaii Int. Conf. Syst. Sci., vol. 2016–March, no. 1, pp. 4041–4050, 2016.

Peter, G. (2010). CISSP Guide To Security Essentials. Course Technology, Cengage Learning.

Samson, J. (nda). “Alymta System.” [Online]. Available: http://www.almyta.com/abc_inventory_software.asp.

Viva, M. (2010). “Odoo Inventory System,” [Online]. Available: https://uthm.odoo.com/web#home.

“TradeGecko,” 2016. [Online]. Available: https://www.tradegecko.com/producttour/ inventory-control-system.

Neumann, P.G. (2004).“Prototyping,” October, pp. 1–13, 2004.

Neumann, P.G. (2018). Fundamental trustworthiness principles. New Solutions for Cybersecurity.

Ebrahim Abduljalil, D.S., (2017). Multilevel Security Models in Real-Time Database Systems: Comparing and Analyzing. International Journal Of Engineering And Computer Science, 6(3).

Rajpoot, Q.M., Jensen, C.D. and Krishnan, R., (2015), Attributes enhanced role-based access control model. In International Conference on Trust and Privacy in Digital Business (pp. 3-17). Springer, Cham.

Sharma, N.K. and Joshi, A., (2016). Representing attribute based access control policies in owl. In Semantic Computing (ICSC), 2016 IEEE Tenth International Conference on (pp. 333-336).

Giardino, C., Unterkalmsteiner, M., Paternoster, N., Gorschek, T. and Abrahamsson, P., (2014). What do we know about software development in startups?. IEEE software, 31(5), pp.28-32.

Ebrahim Abduljalil, D.S., (2017). Multilevel Security Models in Real-Time Database Systems: Comparing and Analyzing. International Journal Of Engineering And Computer Science, 6(3).




DOI: http://dx.doi.org/10.30630/joiv.2.3-2.140

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

JOIV : International Journal on Informatics Visualization
Published by Information Technology Department
Politeknik Negeri Padang, Indonesia

© JOIV - ISSN : 2549-9610 | e-ISSN : 2549-9904 

Phone : +62-82386434344
Email  : hidraamnur@live.com | hidra@pnp.ac.id
              fazrolpnp@gmail.com


Creative Commons License is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

View My Stats