The need for enterprise application integration projects leads to complex composite applications. For the sake of security and efficiency, consolidated access control policies for composite applications should be provided. Such a policy is based on the policies of the corresponding autonomous sub-applications and has the following properties. On the one hand, it needs to be as restrictive as possible in order to block requests that do not comply with the integrated sub-applications' policies, so that unsuccessful executions of requests are prevented at an early stage. On the other hand, the composite policy must grant all necessary privileges in order to make the intended functionality available to legitimate users. In this paper, we present our formal model and respective algorithmic solutions for consolidating the access control of composite applications. The generated policies conform to the presented requirements of the least privileges paradigm and thus make it possible to revise and optimize the access control of composite applications. We demonstrate this by means of Web service workflows, which constitute the state of the art for the realization of business processes.