Data Resources in Dynamic Environments

Abstract

New technologies influence and change social attitudes by making electronic data easy to use and easy to carry, and this capability impacts data security in business organizations. Therefore, organizations have to define appropriate controls aimed at preventing the loss or leaking of data. Having said that, the effectiveness of security controls in complex dynamic environments has not yet been systematically analyzed. In this paper, we propose a formal system model for data resources in a dynamic environment, which can represent the location of different classes of data resources as well as their users. Using such a model, the concurrent and probabilistic behaviour of the system can be analyzed. This study provides a systematic way of exploring the efficiency of a given security policy, or access control technology, in the business process context. The proposed approach can help a technical expert to develop a deeper analysis of the specific security measures required by a business organization.