Model driven security for inter-organizational workflows in e-government

Authors:
Ruth Breu;Michael Hafner;Barbara Weber;Andrea Novak
Affiliations:
Institut für Informatik, Universität Innsbruck, Innsbruck, Österreich;Institut für Informatik, Universität Innsbruck, Innsbruck, Österreich;Institut für Informatik, Universität Innsbruck, Innsbruck, Österreich;Austrian Research Center Seibersdorf, Seibersdorf, Österreich
Venue:
TCGOV'05 Proceedings of the 2005 international conference on E-Government: towards Electronic Democracy
Year:
2005

Citing 15
Cited 15

Production workflow: concepts and techniques

Production workflow: concepts and techniques
SecureFlow: a secure Web-enabled workflow management system

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Software engineering for security: a roadmap

Proceedings of the Conference on The Future of Software Engineering
Process-oriented architectures for electronic commerce and interorganizational workflow

Information Systems
Loosely coupled interorganizational workflows: modeling and analyzing workflows crossing organizational boundaries

Information and Management
Exception Handling in Workflow Systems

Applied Intelligence
Event-Based Interaction Management for Composite E-Services in eFlow

Information Systems Frontiers
Securing XML Documents with Author-X

IEEE Internet Computing
Correctness by Construction: Developing a Commercial Secure System

IEEE Software
The P2P Approach to Interorganizational Workflows

CAiSE '01 Proceedings of the 13th International Conference on Advanced Information Systems Engineering
SecureUML: A UML-Based Modeling Language for Model-Driven Security

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
RBAC Policies in XML for X.509 Based Privilege Management

SEC '02 Proceedings of the IFIP TC11 17th International Conference on Information Security: Visions and Perspectives
Model driven security for process-oriented systems

Proceedings of the eighth ACM symposium on Access control models and technologies
Certificate-based authorization policy in a PKI environment

ACM Transactions on Information and System Security (TISSEC)
Modelling, specifying and implementing workflow security in Cyberspace

Journal of Computer Security

Information flow property preserving transformation of UML interaction diagrams

Proceedings of the eleventh ACM symposium on Access control models and technologies
Formal support for e-government system design with transparency consideration

Proceedings of the 1st international conference on Theory and practice of electronic governance
Model-driven configuration of os-level mandatory access control: research abstract

Companion of the 30th international conference on Software engineering
Constraint based role based access control in the SECTET-framework: A model-driven approach

Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet

Models in Software Engineering
A constraint based role based access control in the SECTET a model-driven approach

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Constraint based role based access control (CRBAC) for restricted administrative delegation constraints in the SECTET

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
XRound: A reversible template language and its application in model-based security analysis

Information and Software Technology
Model-Driven Configuration of SELinux Policies

OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
Model driven security engineering for the realization of dynamic security requirements in collaborative systems

MoDELS'06 Proceedings of the 2006 international conference on Models in software engineering
From inter-organizational workflows to process execution: generating BPEL from WS-CDL

OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems
A framework for modeling restricted delegation in service oriented architecture

TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Web service engineering – advancing a new software engineering discipline

ICWE'05 Proceedings of the 5th international conference on Web Engineering
Realizing model driven security for inter-organizational workflows with WS-CDL and UML 2.0

MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
Not Ready for Prime Time: A Survey on Security in Model Driven Development

International Journal of Secure Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Model Driven Architecture is an approach to increase the quality of complex software systems by creating high-level system models and automatically generating system architectures and components out of these models. We show how this paradigm can be applied to what we call Model Driven Security for inter-organizational workflows in e-government. Our focus is on the realization of security-critical inter-organizational workflows in the context of web services and web service orchestration. Security requirements are specified at an abstract level using UML diagrams. Out of this specification security relevant artifacts are created for the target reference architecture based on upcoming web service security standards.