Role-Based Access Control Models
Computer
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
ACM SIGAda Ada Letters
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
An Approach to Extract RBAC Models from BPEL4WS Processes
WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Reasoning about XACML policies using CSP
Proceedings of the 2005 workshop on Secure web services
A usage-based authorization framework for collaborative computing systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Access Control and Authorization Constraints for WS-BPEL
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Fine grained access control with trust and reputation management for globus
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Synthesis of web services orchestrators in a timed setting
WS-FM'07 Proceedings of the 4th international conference on Web services and formal methods
Towards dynamic monitoring of WS-BPEL processes
ICSOC'05 Proceedings of the Third international conference on Service-Oriented Computing
Semantics of BPEL4WS-Like fault and compensation handling
FM'05 Proceedings of the 2005 international conference on Formal Methods
Usage control in service-oriented architectures
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Fine-Grained Continuous Usage Control of Service Based Grids --- The GridTrust Approach
ServiceWave '08 Proceedings of the 1st European Conference on Towards a Service-Based Internet
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Model-based refinement of security policies in collaborative virtual organisations
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Secure service orchestration in open networks
Journal of Systems Architecture: the EUROMICRO Journal
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Hi-index | 0.00 |
We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in a distributed map processing scenario such that the policies constrain service interactions in the workflow according to the security requirements of each entity participating in the workflow.