Controlling Usage in Business Process Workflows through Fine-Grained Security Policies

Authors:
Benjamin Aziz;Alvaro Arenas;Fabio Martinelli;Ilaria Matteucci;Paolo Mori
Affiliations:
STFC Rutherford Appleton Laboratory, Didcot, UK OX11 0QX;STFC Rutherford Appleton Laboratory, Didcot, UK OX11 0QX;IIT CNR, Pisa, Pisa, Italy 56125;CREATE-NET, Trento, Italy and IIT CNR, Pisa, Pisa, Italy 56125;IIT CNR, Pisa, Pisa, Italy 56125
Venue:
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Year:
2008

Citing 14
Cited 5

Role-Based Access Control Models

Computer
A modular approach to composing access control policies

Proceedings of the 7th ACM conference on Computer and communications security
ACM SIGAda Ada Letters

ACM SIGAda Ada Letters
A Community Authorization Service for Group Collaboration

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Certificate-based authorization policy in a PKI environment

ACM Transactions on Information and System Security (TISSEC)
An Approach to Extract RBAC Models from BPEL4WS Processes

WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Reasoning about XACML policies using CSP

Proceedings of the 2005 workshop on Secure web services
A usage-based authorization framework for collaborative computing systems

Proceedings of the eleventh ACM symposium on Access control models and technologies
Access Control and Authorization Constraints for WS-BPEL

ICWS '06 Proceedings of the IEEE International Conference on Web Services
Fine grained access control with trust and reputation management for globus

OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Synthesis of web services orchestrators in a timed setting

WS-FM'07 Proceedings of the 4th international conference on Web services and formal methods
Towards dynamic monitoring of WS-BPEL processes

ICSOC'05 Proceedings of the Third international conference on Service-Oriented Computing
Semantics of BPEL4WS-Like fault and compensation handling

FM'05 Proceedings of the 2005 international conference on Formal Methods
Usage control in service-oriented architectures

TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business

Fine-Grained Continuous Usage Control of Service Based Grids --- The GridTrust Approach

ServiceWave '08 Proceedings of the 1st European Conference on Towards a Service-Based Internet
Security for dynamic service-oriented eCollaboration: architectural alternatives and proposed solution

TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Model-based refinement of security policies in collaborative virtual organisations

ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Secure service orchestration in open networks

Journal of Systems Architecture: the EUROMICRO Journal
Service automata

FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in a distributed map processing scenario such that the policies constrain service interactions in the workflow according to the security requirements of each entity participating in the workflow.