We introduce the concept of Separation of Duties (SoD) as a Service, an approach to enforcing SoD requirements on workflows and thereby preventing fraud and errors. SoD as a Service facilitates a separation of concerns between business experts and security professionals. Moreover, it allows enterprises to address the need for internal controls and to quickly adapt to organizational, regulatory, and technological changes. In this paper, we describe an implementation of SoD as a Service, which extends a widely used, commercial workflow system, and discuss its performance. We present a drug dispensation workflow deployed in a hospital as a case study to demonstrate the feasibility and benefits of our proof-of-concept implementation.