CFP last date
20 January 2025
Reseach Article

Improving Fraud Control in Small Banks using Dynamic Object-based Separation of Duties

by Ephrem Kwaku Kwaa-Aidoo
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 174 - Number 13
Year of Publication: 2021
Authors: Ephrem Kwaku Kwaa-Aidoo
10.5120/ijca2021921024

Ephrem Kwaku Kwaa-Aidoo . Improving Fraud Control in Small Banks using Dynamic Object-based Separation of Duties. International Journal of Computer Applications. 174, 13 ( Jan 2021), 33-39. DOI=10.5120/ijca2021921024

@article{ 10.5120/ijca2021921024,
author = { Ephrem Kwaku Kwaa-Aidoo },
title = { Improving Fraud Control in Small Banks using Dynamic Object-based Separation of Duties },
journal = { International Journal of Computer Applications },
issue_date = { Jan 2021 },
volume = { 174 },
number = { 13 },
month = { Jan },
year = { 2021 },
issn = { 0975-8887 },
pages = { 33-39 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume174/number13/31740-2021921024/ },
doi = { 10.5120/ijca2021921024 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:22:01.244857+05:30
%A Ephrem Kwaku Kwaa-Aidoo
%T Improving Fraud Control in Small Banks using Dynamic Object-based Separation of Duties
%J International Journal of Computer Applications
%@ 0975-8887
%V 174
%N 13
%P 33-39
%D 2021
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Conflicts arise when the execution of two or more tasks by a person creates a vulnerability which when exploited could threaten a business and its goals. These threats could lead to a severe loss of corporate resources and in some cases result in the collapse of businesses. This paper discusses the issue of implementing separation of duty within an information system to deal with conflicting tasks. It examined the issue of separation of duty within small banks and their efforts to prevent fraud. The paper argues that separation of duty in these organisations is not effective and can be compounded by the use of mechanisms like job rotation. It focuses on object-based separation of duty and its possible use in small firms. It proposes the introduction of elements of the Chinese wall security policy and its derivatives to introduce granularity into the implementation of object-based separation of duty.

References
  1. Hu, V.C., D.F. Ferraiolo, and D.R. Kuhn, Assessment of Access Control Systems 2006, Computer Security Division, National Institute of Standards and Technology: Gaithersburg.
  2. Behr, A. and K. Coleman, Separation of duties and IT security, in CSO Magazine. 2017, IDG Communications: California.
  3. Simon, R.T. and M.E. Zurko, Separation of Duty in Role-Based Environments, in 10th Computer Security Foundations Workshop 1997.
  4. Ferroni, S., Implementing Segregation of Duties. ISACA Journal, 2016. 3.
  5. Perelson, S., SoDA: A Model for the Administration of Separation of Duty Requirements in Workflow Systems. 2001, Port Elizabeth Technikon.
  6. Clark, D.D. and D.R. Wilson. A Comparison of Military and Commercial Computer Security Policies. in IEEE Symposium on Computer Security and Privacy. 1987. Oakland California: IEEE.
  7. Perelson, S. and R.A. Botha, Conflict Analysis as a Means of Enforcing Statis Separation of Duty Requirements in Worflow Environments. South African Computer Journal, 2000. 26.
  8. Tsegayeand, T. and S. Flowerday, A Clark-Wilson and ANSIrole-based access control model. Information & Computer Security, 2020. 28(3): p. 2056-4961.
  9. Nash, M.J. and K.R. Poland, Some Conundrums Concerning Separation of Duty, in IEEE Symposium on Research in Security and Privacy. 1990, IEEE: Oakland California. p. 201-209.
  10. Habib, M.A. and C. Praher, Object Based Dynamic Separation of Duty in RBAC, in Internet Technology and Secured Transactions. 2009: London.
  11. Ellen Zurko, M. and R.T. Simon, Separation of Duties, in Encyclopedia of Cryptography and Security, H.C.A. van Tilborg and S. Jajodia, Editors. 2011, Springer US: Boston, MA. p. 1182-1185.
  12. Loock, M. and J.H.P. Eloff, Investigating the Usage of the Chinese Wall Security Policy Model for Data Mining, in International Symposium on Information and Communications Technologies. 2005: Cape Town.
  13. Brewer, D.F.C. and M.J. Nash, The Chinese Wall Security Policy, in IEEE Symposium on Research Security and Privacy. 1989, IEEE: Oakland Califonia.
  14. Minsky, N.H. and V. Ungureanu, Unified Support for Heterogeneous Security Policies in Distributed Systems, in USENIX Security Symposium. 1998: San Antonio.
  15. Fehis, S., O. Nouali, and M.-T. Kechadi, A New Distributed Chinese Wall Security Policy Model. Journal of Digital Forensics, Security and Law, 2016. 11(4).
  16. Lin, T.Y., Chinese Wall Security Policy - An Aggressive Model., in Fifth Annual Computer Security Applications Conference. 1989: Tuscon, Arizona.
  17. Stewart, J.M., E. Tittel, and M. Chapple, CISSP: Certified Information Systems Security Professional Study Guide. 3rd ed. 2018, San Francisco: John Wiley and Sons Inc.
  18. Association of Certified Fraud Examiners, 2018 Global Study on Occupational Fraud and Abuse, in Report to the Nations. 2018, Association of Certified Fraud Examiners: Austin, Texas, USA.
  19. Dadzie-Dennis, E.N., et al., Employee Fraud in the Banking Sector of Ghana. SBS Journal of Applied Business Research, 2018. 6.
  20. Sanusia, Z.M., M.N.F. Ramelib, and Y.M. Isa, Fraud Schemes in the Banking Institutions: Prevention Measures to Avoid Severe Financial Loss. Procedia Economics and Finance, 2015. 28: p. 107-113.
Index Terms

Computer Science
Information Sciences

Keywords

Separation of Duty Chinese Wall Security Policy Small Banks