Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Beyond workflow management: product-driven case handling
GROUP '01 Proceedings of the 2001 International ACM SIGGROUP Conference on Supporting Group Work
A Content-Based Authorization Model for Digital Libraries
IEEE Transactions on Knowledge and Data Engineering
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Task-role-based access control model
Information Systems
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
Workflow Management: Models, Methods, and Systems
Workflow Management: Models, Methods, and Systems
Access control in collaborative systems
ACM Computing Surveys (CSUR)
PRES: a practical flexible RBAC workflow system
ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Resiliency policies in access control
Proceedings of the 13th ACM conference on Computer and communications security
Economic aspects of information security: An emerging field of research
Information Systems Frontiers
A model-driven development framework for enterprise Web services
Information Systems Frontiers
Authorization and User Failure Resiliency for WS-BPEL Business Processes
ICSOC '08 Proceedings of the 6th International Conference on Service-Oriented Computing
Verifying BPEL workflows under authorisation constraints
BPM'06 Proceedings of the 4th international conference on Business Process Management
Interactive credential negotiation for stateful business processes
iTrust'05 Proceedings of the Third international conference on Trust Management
Satisfiability and resiliency in workflow systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
ISF special issue on emerging social and legal aspects of information systems with Web 2.0
Information Systems Frontiers
| Hi-index | 0.00 |
Flexible collaboration is a notable attribute of Web 2.0, which is often in the form of multiple users participating different activities that together complete a whole business process. In such an environment, business processes may be dynamically customized or adjusted, as well as the participants may be selected or attend uncertainly. So how to ensure the legitimacy of a business process for both security and business is increasingly critical. In this paper, we investigate this problem and introduce a novel method to support legally flexible business processes. The proposed Constraint-based Business Process Management Model incorporates constraints into the standard activities composing a business process, where the security constraints place restrictions on participants performing the activities and business constraints restrict the dependencies between multiple activities. By the assembly operations, business processes can be dynamically generated and adjusted with activities, that are obliged to the specified constraints. Several algorithms are presented to verify the consistency of constraints and the soundness of the generated business processes, as well as to perform the execution planning to guarantee the correct execution of a business process on the precondition of satisfying all constraints. We present an illustrative example and implement a prototype for the proposed model that is an application of property rights exchange for supporting legal business processes.