Abstract:
Security requirements approached at the enterprise level initiate the need for models that capture the organisational and distributed aspects of information usage. Such modifies have to express organization specific security policies and internal controls aiming to protect information against unauthorised access and modification, and against usage of information for unintended purposes. This system describes a systematic approach to model the security requirements from the perspective of job functions and tasks performed in an organization for the payroll system. The basis of access control policy in this system is to construct of a role. Roles are granted permissions according to the job functions that exist in an organisation, and then users are assigned to roles on basis of their specific job responsibilities. This paper intends for payroll system using Role-Based Access Control (RBAC). The central notion of role-based access control is that users do not have discretionary access control to enterprise objects.