Information infrastructure for electronic virtual organization management
Decision Support Systems - Special issue: intranets and intranetworking
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
SecureFlow: a secure Web-enabled workflow management system
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Access control mechanisms for inter-organizational workflow
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Authorization and Access Control of Application Data in Workflow Systems
Journal of Intelligent Information Systems - Special issue: A survey of research questions for intelligent information systems in education
Managing Workflow Authorization Constraints through Active Database Technology
Information Systems Frontiers
About the Enforcement of State Dependent Specifications
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
Trust-Based Security Model and Enforcement Mechanism for Web Service Technology
TES '02 Proceedings of the Third International Workshop on Technologies for E-Services
Dynamic access control through Petri net workflows
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
State-dependent security decisions for distributed object-systems
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Task-role-based access control model
Information Systems
Tucupi: a flexible workflow system based on overridable constraints
Proceedings of the 2004 ACM symposium on Applied computing
Facilitating cross-organisational workflows with a workflow view approach
Data & Knowledge Engineering - Special issue: Contract-driven coordination and collaboration in the internet context
PRES: a practical flexible RBAC workflow system
ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
Hi-index | 0.00 |
Electronic business applications are often structured by workflow declarations that span potentially numerous generic activities in different organizations. Such declarations are used to assign activities to specific entities, and to dynamically grant and revoke access to the resources according to the execution state of the workflow instance. If competing organizations cooperate in common workflow instances for achieving a joint purpose, they might want to let entities participate anonymously. Anonymous participation demands a restricted flow of identifying information, whereas state dependent access control requires the flow of specific control information. In this paper we introduce the ‘Anonymous SDSD' approach (State-Dependent Security Decisions) balancing the conflicting requirements by combining techniques like onion routing, logging, bulletin boards, pseudonyms and proxies.