Role-Based Access Control Models
Computer
Authentication, access control, and audit
ACM Computing Surveys (CSUR)
Document management for the enterprise: principles, techniques, and applications
Document management for the enterprise: principles, techniques, and applications
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Adept_flex—Supporting Dynamic Changes of Workflows Without Losing Control
Journal of Intelligent Information Systems - Special issue on workflow management systems
Data & Knowledge Engineering - Special jubilee issue: DKE 25
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Enterprise application integration
Enterprise application integration
A reflective infrastructure for workflow adaptability
Data & Knowledge Engineering
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Understanding and Deploying LDAP Directory Services
Understanding and Deploying LDAP Directory Services
Exterminating the Dynamic Change Bug: A Concrete Approach to Support Workflow Change
Information Systems Frontiers
IntelliGEN: A Distributed Workflow System for Discovering Protein-Protein Interactions
Distributed and Parallel Databases
Design for Change: Evolving Workflow Specifications in ULTRAflow
CAiSE '02 Proceedings of the 14th International Conference on Advanced Information Systems Engineering
Managing Evolving Workflow Specifications
COOPIS '98 Proceedings of the 3rd IFCIS International Conference on Cooperative Information Systems
A Formal Model for Role-Based Access Control with Constraints
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Role-Based Access Control
Flexible Support of Team Processes by Adaptive Workflow Systems
Distributed and Parallel Databases
Correctness criteria for dynamic changes in workflow systems: a survey
Data & Knowledge Engineering - Special issue: Advances in business process management
Separation of duties for access control enforcement in workflow environments
IBM Systems Journal - End-to-end security
Process Aware Information Systems: Bridging People and Software Through Process Technology
Process Aware Information Systems: Bridging People and Software Through Process Technology
Adaptive Process Management with ADEPT2
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Access control in collaborative systems
ACM Computing Surveys (CSUR)
Balancing flexibility and security in adaptive process management systems
OTM'05 Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I
On the controlled evolution of access rules in cooperative information systems
OTM'05 Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I
Integrating process learning and process evolution – a semantics based approach
BPM'05 Proceedings of the 3rd international conference on Business Process Management
Mining staff assignment rules from event-based data
BPM'05 Proceedings of the Third international conference on Business Process Management
A Formal Model for Organisational Structures behind Process-Aware Information Systems
Transactions on Petri Nets and Other Models of Concurrency II
Flexibility in Process-Aware Information Systems
Transactions on Petri Nets and Other Models of Concurrency II
Comprehensive life cycle support for access rules in information systems: the CEOSIS project
Enterprise Information Systems - Towards Model-driven Service-oriented Enterprise Computing - 12th International IEEE EDOC Enterprise Computing Conference (EDOC 2008)
Adaptation of service-based systems
Service research challenges and solutions for the future internet
| Hi-index | 0.00 |
For several reasons enterprises are frequently subject to organizational change. Respective adaptations may concern business processes, but also other components of an enterprise architecture. In particular, changes of organizational structures often become necessary. The information about organizational entities and their relationships is maintained in organizational models. Therefore the quick and correct adaptation of these models is fundamental to adequately cope with organizational changes. However, model changes alone are not sufficient to guarantee consistency. Since organizational models also provide the basis for defining access rules (e.g., actor assignments in workflow management systems or access rules in document-centered applications) this information has to be adapted accordingly (e.g., to avoid dangling references or non-resolvable actor assignments). Current approaches do not adequately address this problem, which often leads to security gaps and delayed change implementation.In this paper we introduce a formal framework for the controlled evolution of organizational models and related access rules. Firstly, we introduce a set of operators with well-defined semantics for defining and changing organizational models. Secondly, we show how to define access rules based on such models. In this context we also define a notion of correctness for access rules. Thirdly, we present a formal framework for the (semi-automated) adaptation of access rules when the underlying organizational model is changed by exploiting the semantics of the applied changes. Altogether the presented approach provides an important contribution for realizing adaptive access control frameworks.