BPEL4RBAC: An Authorisation Specification for WS-BPEL

Authors:
Xin Wang;Yanchun Zhang;Hao Shi;Jian Yang
Affiliations:
School of Computer Science and Mathematics, Victoria University, Australia;School of Computer Science and Mathematics, Victoria University, Australia;School of Computer Science and Mathematics, Victoria University, Australia;Department of Computing, Macquarie University, Sydney, Australia NSW2109
Venue:
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
Year:
2008

Citing 12
Cited 2

Role-Based Access Control Models

Computer
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Introduction: Service-oriented computing

Communications of the ACM - Service-oriented computing
SOWAC: A Service-Oriented Workflow Access Control Model

COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
An Access Control Model for Web Services in Business Process

WI '04 Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence
A Flexible Payment Scheme and Its Role-Based Access Control

IEEE Transactions on Knowledge and Data Engineering
Access control in collaborative systems

ACM Computing Surveys (CSUR)
Secure Business Process Management: A Roadmap

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Frameworks for Secured Business Process Management Systems

SERA '06 Proceedings of the Fourth International Conference on Software Engineering Research, Management and Applications
A review of information security issues and respective research contributions

ACM SIGMIS Database
Scenario-Based Petri Net Approach for Collaborative Business Process Modelling

APSCC '07 Proceedings of the The 2nd IEEE Asia-Pacific Service Computing Conference
Designing secure e-commerce with role-based access control

International Journal of Web Engineering and Technology

Authorization Policy Based Business Collaboration Reliability Verification

ICSOC '08 Proceedings of the 6th International Conference on Service-Oriented Computing
A Verification Mechanism for Secured Message Processing in Business Collaboration

APWeb/WAIM '09 Proceedings of the Joint International Conferences on Advances in Data and Web Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Business process management is designed to make business activities and trade easier and more cost effective. The increasing business integration and legal requirements raise the need for secure business processes. However, the openness and distribution nature of inter-organisational business processes may result in more security breaches. As a widely accepted standard, WS-BPEL does not support for business process security protection even if the participating organisations already have working security policies. To address this problem, we have developed an authorisation specification BPEL4RBAC for WS-BPEL. Through BPEL4RBAC access control model, with an extension for WS-BPEL, called BPEL4RBAC policy language, the secure WS-BPEL is then achievable. The former introduces the access control capability into business process environment while the latter is used to represent the authorisation information in WS-BPEL.