Abstract (en):
The diversity, depth and sophistication of enterprise architectures and the associated
compliance and security risks are constantly increasing. Many enterprises operate in
environments that were developed decades ago and do not provide adequate protection against
non-compliance and breaches of security rules, posing potential financial and security risks to
enterprises. Logistics and transportation companies are a particular focus, as they operate
globally and the architecture is cumbersome and complicated, making them anything but
flawless in terms of compliance and security.
The goal of this thesis is to create a concept for the implementation of the 4-eyes principle, to
design and test the solution, which will be done in a case study with a European logistics and
transport company.
The functional and non-functional requirements are derived from research on the topic, a study
of the legislation, and the requirements collected from the company, which come in the form of
a high-level requirement. The design of the UI and authorization
page is created and tested to prove or disprove the main hypothesis of this work.
In addition, possible extensions and improvements to the solution are identified. The designed
solution of the 4-eyes principle for all user levels in the system proves to contribute to
compliance and a security-aware approach in the modern enterprise.