Controlling access to the Web services of public agencies and private corporations depends primarily on the specification and deployment of functional security rules in order to satisfy strict regulations imposed by governments, particularly in the financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to the security of Web-based information systems, namely the automatic transformation of security rules into WS-BPEL (or BPEL for short) processes. The rules are instantiated from security rule patterns written in a graphical notation with a denotational semantics close to statecharts. The resulting BPEL processes are executed by a BPEL engine integrated into a policy decision point, a component of a policy enforcement manager similar to the one proposed in the XACML standard.