Role engineering is one of the fundamental phases for migrating existing enterprises to Role Based Access Control. In organisations with a large number of users and permissions, this task can be time consuming and costly if a top down approach is used. Existing bottom up approaches are not sufficient in producing a comprehensive set of roles for hierarchical Role Based Access Control. In this research, we propose a predominately bottom up approach that uses Graph Optimisation to identify appropriate role hierarchies. Additional partial role specifications can be incorporated to produce a hybrid approach. Using rules that reduce administration requirements, roles and their hierarchies are automatically extracted from large numbers of permission assignments. The results of the Graph Optimisation approach are hierarchical Role Based Access Control infrastructures that offer improved access control administration for the system.
Using a sample of firms from France, where the law requires the use of two auditors, we study the effect of auditor pair composition on audit quality by examining a specific account, goodwill impairment. We document that firms audited by a Big 4-non-Big 4 auditor pair (BS) are more likely to book an impairment and book a larger impairment than firms audited by a Big 4-Big 4 auditor pair (BB) when low-performance indicators suggest a greater likelihood of impairment. Moreover, firms audited by a BB pair reduce impairment disclosures when they book impairments, while firms audited by a BS pair do not, suggesting lower transparency for firms audited by a BB pair. Our results inform investors and firms in mandatory joint audit regimes, as well as regulators who are considering requiring joint audits.Incidence de la composition du coll ege d'auditeurs sur la qualit e de l'audit conjoint : le cas des tests de d epr eciation
R ESUM ELes auteurs etudient l'incidence de la composition du coll ege d'auditeurs sur la qualit e de l'audit conjoint en s'int eressant plus particuli erement aux tests de d epr eciation de l' ecart d'acquisition. L' etude est men ee sur un echantillon de soci et es franc ßaises pour lesquelles la r eglementation impose un audit conjoint.
Various algorithms have been developed to identify different types of network intrusions, however there is no heuristic to confirm the accuracy of their results. The exact effectiveness of a network intrusion detection system's ability to identify malicious sources cannot be reported unless a concise measurement of performance is available. This paper addresses the need for an evaluation technique and proposes a comparison technique for current scan detection algorithms that can accurately measure the false positive rate and precision of identified scanners.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.