Optimized workflow authorization in service oriented architectures

Authors:
Martin Wimmer;Martina-Cezara Albutiu;Alfons Kemper
Affiliations:
Technische Universität München, Garching b. München, Germany;Technische Universität München, Garching b. München, Germany;Technische Universität München, Garching b. München, Germany
Venue:
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Year:
2006

Citing 10
Cited 1

A model of authorization for next-generation database systems

ACM Transactions on Database Systems (TODS)
Role-Based Access Control Models

Computer
The specification and enforcement of authorization constraints in workflow management systems

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
SecureFlow: a secure Web-enabled workflow management system

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
An algebra for composing access control policies

ACM Transactions on Information and System Security (TISSEC)
Temporal Reasoning in Workflow Systems

Distributed and Parallel Databases
A Model for Evaluation and Administration of Security in Object-Oriented Databases

IEEE Transactions on Knowledge and Data Engineering
XacT: a bridge between resource management and access control in multi-layered applications

SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Processing conjunctive predicates and queries

VLDB '80 Proceedings of the sixth international conference on Very Large Data Bases - Volume 6
Trust-Based secure workflow path construction

ICSOC'05 Proceedings of the Third international conference on Service-Oriented Computing

Consolidating the access control of composite applications and workflows

DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Complex business processes are usually realized by specifying the integration and interaction of smaller modular software components. For example, hitherto monolithic enterprise resource planning systems (ERP) are decomposed into Web services which are then again orchestrated in terms of Web service workflows, bringing about higher levels of flexibility and adaptability. In general, such services constitute autonomous software components with their own dedicated security requirements. In this paper we present our approach for consolidating the access control of (Web service) workflows. The proposed security engineering method allows, first, to determine for whom workflows are executable from a privileges point of view, second, to assess compliance with the principle of least privilege, and, third, helps to reduce policy enforcement costs.