Abstract

Information is a valuable resource in any organisation, and more and more organisations are realising this and want efficient means to protect it against disclosure, modification or destruction. Although relatively efficient security methods have been available almost as long as information databases, they all impose additional cost. This cost involves not only money but also system performance and the management of information security. Any new information security model must also provide better management of information security. In this dissertation we present a model that provides information security and aims to lower the technical skills required to manage information security using this approach.

In any business organisation we can describe each employee's duties. Put in other words, we can say that each employee has a specific business role in the organisation. In organisations with many employees there are typically many employees that have more or less the same duties in the organisation. This means that employees can be grouped according to their business roles. We use an employee's role as a description of his/her duties in a business organisation.

Each role needs resources to perform its duties in the organisation. In terms of computer systems, each role needs computer resources such as printers. Most roles need access to data files in the organisation's database but it is not desirable to give all roles access to all data files. It is obvious that roles have specific privileges and restrictions in terms of information resources. Information security can be achieved by identifying the business roles in an organisation and giving these roles only the privileges needed to fulfill their business function and then assigning these roles to people (users of the organisation's computer system). This is called role-based security.

People's business functions are related, for example clerks and clerk-managers are related in the sense that a clerk-manager is a manager of clerks. Business roles are related in the same way. For an information security manager to assign roles to users it is important to see this relationship between roles. In this dissertation we present this relationship using a lattice graph which we call a role lattice. The main advantage of this is that it eases information security management.

Creating new roles by using existing roles as templates or combining the privileges of existing roles also eases the management of information security. Object-oriented design provides this by means of inheritance. We take advantage of this by implementing roles as objects.
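The following sketch is an added illustration of the two ideas above (roles related in a lattice, and new roles built from existing ones by inheritance); it is not code from the dissertation. The class and function names, the role names and the transaction names are all constructed for the example.

```python
class RoleProfile:
    """A role as an object: its own transactions plus those inherited from parent roles."""

    def __init__(self, name, parents=(), transactions=()):
        self.name = name
        self.parents = tuple(parents)
        self.own = frozenset(transactions)

    def ancestors(self):
        """This role together with every role it inherits from, directly or indirectly."""
        seen = {self}
        for parent in self.parents:
            seen |= parent.ancestors()
        return seen

    def privileges(self):
        """Effective privileges: the union of the transactions of all ancestors."""
        return frozenset().union(*(r.own for r in self.ancestors()))

    def dominates(self, other):
        """Lattice order: a role dominates every role it inherits from (and itself)."""
        return other in self.ancestors()


def authorise(role, transaction):
    """Allow a transaction only if the role's effective privileges include it."""
    return transaction in role.privileges()


def least_sufficient_roles(roles, needed):
    """Roles that cover `needed` and sit lowest in the lattice among those that do."""
    covering = [r for r in roles if frozenset(needed) <= r.privileges()]
    return [r for r in covering
            if not any(o is not r and r.dominates(o) for o in covering)]


# Constructed sample lattice: EMPLOYEE is the bottom element, SECURITY_ADMIN the top.
EMPLOYEE = RoleProfile("employee", transactions={"view_own_payslip"})
CLERK = RoleProfile("clerk", [EMPLOYEE], {"capture_order"})
CLERK_MANAGER = RoleProfile("clerk_manager", [CLERK], {"approve_order"})
AUDITOR = RoleProfile("auditor", [EMPLOYEE], {"view_ledger"})
SECURITY_ADMIN = RoleProfile("security_admin", [CLERK_MANAGER, AUDITOR])
ROLES = [EMPLOYEE, CLERK, CLERK_MANAGER, AUDITOR, SECURITY_ADMIN]

if __name__ == "__main__":
    print(authorise(CLERK_MANAGER, "capture_order"))   # inherited from clerk
    print(authorise(CLERK, "approve_order"))           # not granted to clerk
    print([r.name for r in least_sufficient_roles(ROLES, {"capture_order"})])
```

`least_sufficient_roles` shows how the lattice helps a security manager: of all roles that could perform a duty, it returns the ones that carry the fewest inherited privileges.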

The model for information security using distributed role profile objects (ORITO) is developed and formalised in the dissertation, and this model and its advantages are described using a client/server environment. Security validation is done in a distributed manner using server computers. The model is described in the context of a transaction processing environment using transactions as the key information resource. The dissertation shows how ORITO can be implemented in a distributed manner by distributing role profile objects between server computers.

The main objectives of this dissertation are:

To develop a model for distributed and object-oriented role-based information security in a transaction processing environment (ORITO). The model authorises access to information resources and eases the management of information security.

The model itself has the following advantages:

• It shows that role-based security can be implemented in an object-oriented manner. This is done by implementing role profiles as objects and creating new roles through inheritance. This eases the management of roles.

• It shows that role-based security can be distributed and used in a client/server environment. Distributed processing increases performance and reliability.

• The relationship between roles is presented with a role lattice graph and this graph is used to distribute roles between servers in a client/server environment. A role lattice eases the management and distribution of roles among servers.

Details

Title
Objek-Georiënteerde En Rolgebaseerde Verspreide Inligtingsekerheid in 'n Oop Transaksieverwerking Omgewing
Author
Van der Merwe, Jaco
Publication year
1995
Publisher
ProQuest Dissertations & Theses
ISBN
9798738657795
Source type
Dissertation or Thesis
Language of publication
Afrikaans
ProQuest document ID
2569198108
Copyright
Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.