An approach for implementation of RBAC models with context constraint to business process systems

Authors:
Yi Guo;Myeonggil Choi;Sangmun Shin;Guibam Bae;Yongsun Choi
Affiliations:
Department of System Management & Engineering, Inje University, South Korea;Department of System Management & Engineering, Inje University, South Korea;Department of System Management & Engineering, Inje University, South Korea;Department of System Management & Engineering, Inje University, South Korea;Department of System Management & Engineering, Inje University, South Korea
Venue:
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Year:
2006

Citing 15
Cited 0

Role-Based Access Control Models

Computer
A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Injecting RBAC to secure a Web-based workflow system

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)
A Chinese wall security model for decentralized workflow systems

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Managing Workflow Authorization Constraints through Active Database Technology

Information Systems Frontiers
A Study of Least Privilege in CapBasED-AMS

COOPIS '98 Proceedings of the 3rd IFCIS International Conference on Cooperative Information Systems
UML-Based Representation of Role-Based Access Control

WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Model driven security for process-oriented systems

Proceedings of the eighth ACM symposium on Access control models and technologies
An access control framework for business processes for web services

Proceedings of the 2003 ACM workshop on XML security
An integrated approach to engineer and enforce context constraints in RBAC environments

ACM Transactions on Information and System Security (TISSEC)
Access control in collaborative systems

ACM Computing Surveys (CSUR)
PRES: a practical flexible RBAC workflow system

ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Decomposition-based verification of cyclic workflows

ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis

Quantified Score

Hi-index	0.01

Visualization

Abstract

Business Process Management (BPM) System has recently been paid much attention because they can support dynamic business processes over heterogeneous computing systems. However, most BPM systems merely support fundamental security services at during run time, such as authentication of users and network security. Apparently, to satisfy the real-time systems security requirement, it is more effective and secure to consider security issues during the processes' build time. In this paper, we describe an approach to implement the RBAC models with context constraint for business process system. Specifically, we utilize the RBAC models with context constraint mechanism to meet our needs and describe the security architecture to be applied to a BPM system. The intention of this paper is to extend RBAC models with context constraints to fulfill the requirements of BPM systems with respect to security, flexibility and expansibility.