E-store management using bell-lapadula access control security model
Generally, the existing store management system does not provide any access control mechanism in order to manage resources. All levels of user have the same right to access the store and borrow the equipment. Therefore, the E-Store management system using Bell- LaPadula access control model was prop...
Saved in:
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Information Technology Department Politeknik Negeri Padang, Indonesia
2018
|
Subjects: | |
Online Access: | http://eprints.uthm.edu.my/3875/1/AJ%202018%20%28371%29.pdf http://eprints.uthm.edu.my/3875/ https://doi.org/10.30630/joiv.2.3-2.140 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Generally, the existing store management system does not provide any access control mechanism in order to manage resources. All levels of user have the same right to access the store and borrow the equipment. Therefore, the E-Store management system using Bell- LaPadula access control model was proposed. The prototyping methodology was used to develop the system because methodology model is quickly constructed to test or illustrate design features and ideas, in order to gather user feedback. Moreover, the system is built using hypertext processor (PHP) language. The E-Store system has three types of users, which are known as top management of Welding Department, lecturers and students. The user’s access control is divided by high-level privilege to lower-level privilege. Therefore, each user will have different login interface according to their role and access right to the system. Through the system, high-level user manages in and out equipment flow, manages authorization, view history log in activity and verify complaint report. Lower-level user can view list of equipment, report complaint and damage equipment and borrow equipment. The E-Store management system is expected to manage the store effectively and reduced redundancy issues of equipment requested. The user access right has been assigned based on their access level |
---|