Programming in Prolog
Handbook of logic in artificial intelligence and logic programming (vol. 3)
Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
SecureFlow: a secure Web-enabled workflow management system
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Injecting RBAC to secure a Web-based workflow system
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Representation results for defeasible logic
ACM Transactions on Computational Logic (TOCL)
Distributed and Parallel Databases
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Separation of duties for access control enforcement in workflow environments
IBM Systems Journal - End-to-end security
A unified behavioural model and a contract language for extended enterprise
Data & Knowledge Engineering - Special issue: Contract-driven coordination and collaboration in the internet context
Role-based authorizations for workflow systems in support of task-based separation of duty
Journal of Systems and Software
Declarative process modeling with business vocabulary and business rules
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems - Volume Part I
A system for modal and deontic defeasible reasoning
AI'07 Proceedings of the 20th Australian joint conference on Advances in artificial intelligence
Specifying process-aware access control rules in SBVR
RuleML'07 Proceedings of the 2007 international conference on Advances in rule interchange and applications
Modeling control objectives for business process compliance
BPM'07 Proceedings of the 5th international conference on Business process management
Process mining and verification of properties: an approach based on temporal logic
OTM'05 Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I
Enterprise business process management: architecture, technology and standards
BPM'06 Proceedings of the 4th international conference on Business Process Management
Process Materialization Using Templates and Rules to Design Flexible Process Models
RuleML '09 Proceedings of the 2009 International Symposium on Rule Interchange and Applications
Design and management of flexible process variants using templates and rules
Computers in Industry
Applied Computational Intelligence and Soft Computing
Business process regulatory compliance management solution frameworks: a comparative evaluation
APCCM '12 Proceedings of the Eighth Asia-Pacific Conference on Conceptual Modelling - Volume 130
| Hi-index | 0.01 |
In view of recent business scandals that prompted the Sarbanes-Oxley legislation, there is a greater need for businesses to develop systematic approaches to designing business processes that comply with organizational policies. Moreover, it should be possible to express the policy and relate it to a given process in a descriptive or declarative manner. In this paper we propose role patterns , and show how they can be associated with generic task categories and processes in order to meet standard requirements of internal control principles in businesses. We also show how the patterns can be implemented using built-in constraints in a logic-based language like Prolog. While the role patterns are general, this approach is flexible and extensible because user-defined constraints can also be asserted in order to introduce additional requirements as dictated by business policy. The paper also discusses control requirements of business processes, and explores the interactions between role based access control (RBAC) mechanisms and workflows.