IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

We consider the problem of enforcing corporate governance control relying on cloud-based services. Extending previous work, we focus in particular on the support of delegation of the director privileges, enabling their dynamic and temporary assignment to a vice-director. Like previous work, our control relies on encrypted tags, which are here extended addressing the challenges introduced by dynamic delegation which operates on a time dimension orthogonal to the corporate governance control process. Our solution enables delegation while ensuring a vice-director to enjoy the director privileges only when delegation is active and not to operate as director for operations the vice-director has processed as employee (separation of duties). Our tag construction ensures integrity of the dynamic delegation control and protection against tag tampering.

Supporting Delegation in Outsourced ICA Process / S. De Capitani Di Vimercati, S. Foresti, S. Paraboschi, S. Petrilli, P. Samarati (LECTURE NOTES IN COMPUTER SCIENCE). - In: Data and Applications Security and Privacy XXXIX / [a cura di] S. Katsikas, B. Shafiq. - [s.l] : Springer, 2025. - ISBN 978-3-031-96589-0. - pp. 393-412 (( 39. IFIP WG 11.3 Annual Conference on Data and Applications Security and Privacy : June 23-24 Gjøvik (Norway) 2025 [10.1007/978-3-031-96590-6_21].

Supporting Delegation in Outsourced ICA Process

S. De Capitani Di Vimercati
Primo
;S. Foresti
Secondo
;P. Samarati
Ultimo
2025

Abstract

We consider the problem of enforcing corporate governance control relying on cloud-based services. Extending previous work, we focus in particular on the support of delegation of the director privileges, enabling their dynamic and temporary assignment to a vice-director. Like previous work, our control relies on encrypted tags, which are here extended addressing the challenges introduced by dynamic delegation which operates on a time dimension orthogonal to the corporate governance control process. Our solution enables delegation while ensuring a vice-director to enjoy the director privileges only when delegation is active and not to operate as director for operations the vice-director has processed as employee (separation of duties). Our tag construction ensures integrity of the dynamic delegation control and protection against tag tampering.
Cloud-based services; delegation; internal controls and audit process; outsourcing; separation of duties;
Settore INFO-01/A - Informatica
   Green responsibLe privACy preservIng dAta operaTIONs
   GLACIATION
   EUROPEAN COMMISSION
   101070141

   Edge AI Technologies for Optimised Performance Embedded Processing (EdgeAI)
   EdgeAI
   MINISTERO DELLO SVILUPPO ECONOMICO
   101097300

   POLAR: POLicy specificAtion and enfoRcement for privacy-enhanced data management
   POLAR
   MINISTERO DELL'UNIVERSITA' E DELLA RICERCA
   2022LA8XBH_001

   SEcurity and RIghts in the CyberSpace (SERICS)
   SERICS
   MINISTERO DELL'UNIVERSITA' E DELLA RICERCA
   codice identificativo PE00000014
2025
International Federation for Information Processing (IFIP) Working Groups
Book Part (author)
03 - Contributo in volume
File in questo prodotto:
File Dimensione Formato  
dbsec2025.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Licenza: Nessuna licenza
Dimensione 1.17 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.17 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/1229978
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
  • OpenAlex 0
social impact