Role-Based Access Control Models
Computer
Workflow analyzed for security and privacy in using databases
Journal of Computer Security - IFIP 2000
Modeling Security Requirements Through Ownership, Permission and Delegation
RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
A model-checking approach to analysing organisational controls in a loan origination process
Proceedings of the eleventh ACM symposium on Access control models and technologies
Rubacon: automated support for model-based compliance engineering
Proceedings of the 30th international conference on Software engineering
Verification of Business Process Entailment Constraints Using SPIN
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Transactions on Computational Science IV
Specification, Verification and Explanation of Violation for Data Aware Compliance Rules
ICSOC-ServiceWave '09 Proceedings of the 7th International Joint Conference on Service-Oriented Computing
Evaluating access control policies through model checking
ISC'05 Proceedings of the 8th international conference on Information Security
Security validation tool for business processes
Proceedings of the 16th ACM symposium on Access control models and technologies
Journal of Computer and System Sciences
TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
SecureBPMN: modeling and enforcing access control requirements in business processes
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Business process regulatory compliance management solution frameworks: a comparative evaluation
APCCM '12 Proceedings of the Eighth Asia-Pacific Conference on Conceptual Modelling - Volume 130
Hi-index | 0.00 |
More and more industrial activities are captured through Business Processes (BPs). To evaluate whether a BP under-design enjoys certain security desiderata is hardly manageable by business analysts without tool support, as the BP runtime environment is highly dynamic (e.g., task delegation). Automated reasoning techniques such as model checking can provide the required level of assurance but suffer of well-known obstacles for the adoption in industrial systems, e.g. they require a strong logical and mathematical background. In this paper, we present a novel security validation approach for BPs that employs state-of-theart model checking techniques for evaluating security-relevant aspects of BPs in dynamic environments and offers accessible user interfaces and apprehensive feedback for business analysts so to be suitable for industry.