Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Injecting RBAC to secure a Web-based workflow system
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
A Chinese wall security model for decentralized workflow systems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Managing Workflow Authorization Constraints through Active Database Technology
Information Systems Frontiers
A Study of Least Privilege in CapBasED-AMS
COOPIS '98 Proceedings of the 3rd IFCIS International Conference on Cooperative Information Systems
UML-Based Representation of Role-Based Access Control
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Model driven security for process-oriented systems
Proceedings of the eighth ACM symposium on Access control models and technologies
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
Access control in collaborative systems
ACM Computing Surveys (CSUR)
PRES: a practical flexible RBAC workflow system
ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Decomposition-based verification of cyclic workflows
ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
Hi-index | 0.01 |
Business Process Management (BPM) System has recently been paid much attention because they can support dynamic business processes over heterogeneous computing systems. However, most BPM systems merely support fundamental security services at during run time, such as authentication of users and network security. Apparently, to satisfy the real-time systems security requirement, it is more effective and secure to consider security issues during the processes' build time. In this paper, we describe an approach to implement the RBAC models with context constraint for business process system. Specifically, we utilize the RBAC models with context constraint mechanism to meet our needs and describe the security architecture to be applied to a BPM system. The intention of this paper is to extend RBAC models with context constraints to fulfill the requirements of BPM systems with respect to security, flexibility and expansibility.