UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Organizational Management in Workflow Applications – Issues and Perspectives
Information Technology and Management
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
A model-checking approach to analysing organisational controls in a loan origination process
Proceedings of the eleventh ACM symposium on Access control models and technologies
Conformance Checking of Access Control Policies Specified in XACML
COMPSAC '07 Proceedings of the 31st Annual International Computer Software and Applications Conference - Volume 02
Automated verification of access control policies using a SAT solver
International Journal on Software Tools for Technology Transfer (STTT)
Modeling of task-based authorization constraints in BPMN
BPM'07 Proceedings of the 5th international conference on Business process management
Hi-index | 0.00 |
Administrative controls exist to ensure that business activities are correctly managed and controlled according to corporate and legal regulations. With many organisations reliant on complex IT solutions these controls relate to functionality of software. In this paper we present an extension for business process models to express administrative controls, such as role-based, mandatory or dynamic separation of duty access control policies on the abstraction level of business process models. A model-driven approach is applied to generate platform-specific policies. As an example we utilise the eXtensible Access Control Markup Language (XACML).