Privacy and Access Control Issues in Financial Enterprise Content Management

Authors:
Dickson K. W. Chiu;Patrick C. K. Hung
Affiliations:
Dickson Computer Systems, Hong Kong;University of Ontario Institute of Technology, Canada
Venue:
HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) - Track 4 - Volume 04
Year:
2005

Citing 0
Cited 4

Cryptographic alias e-mail addresses for privacy enforcement in business outsourcing

Proceedings of the 2005 workshop on Digital identity management
Visual modeling and formal specification of constraints of RBAC using semantic web technology

Knowledge-Based Systems
Towards a business process-oriented approach to enterprise content management: the ECM-blueprinting framework

Information Systems and e-Business Management
Engineering Financial Enterprise Content Management Services: Integration and Control

International Journal of Systems and Service-Oriented Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Financial Enterprise Content Management Systems (FECMS) have been recently deployed not only in intra-enterprises but also over the Internet to interact with customers. As FECMS contains a lot of sensitive and confidential information, there is an urgent need for tackling privacy and access control issues in these systems. In this paper, we proceed with our case study in an international banking enterprise on these issues. The FECMS is based on Web services technologies and we demonstrate the key privacy and access control policies for internal content flow management (such as content editing, approval, and usage) as well as external access control for Web portal and institutional programmatic users. Through the modular design of an integrated FECMS, we illustrate how we can systematically specify privacy and access control policies in each part of the system with the technology of Enterprise Privacy Authorization Language (EPAL)..