The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information and System Security (TISSEC), Special issue on role-based access control.
Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC).
The Theory and Practice of Concurrency.
WMP '00 Proceedings of the Workshop on Multiset Processing: Multiset Processing, Mathematical, Computer Science, and Molecular Computing Points of View.
Model driven security for process-oriented systems. Proceedings of the eighth ACM symposium on Access control models and technologies.
Separation of Duty in Role-based Environments. CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations.
A reference monitor for workflow systems with constrained task execution. Proceedings of the tenth ACM symposium on Access control models and technologies.
Model driven security: From UML models to access control infrastructures. ACM Transactions on Software Engineering and Methodology (TOSEM).
A model-checking approach to analysing organisational controls in a loan origination process. Proceedings of the eleventh ACM symposium on Access control models and technologies.
Specifying and analyzing security automata using CSP-OZ. ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security.
Direct static enforcement of high-level security policies. ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security.
Beyond separation of duty: An algebra for specifying high-level security policies. Journal of the ACM (JACM).
Turning Software into a Service. Computer.
ICFEM '08 Proceedings of the 10th International Conference on Formal Methods and Software Engineering.
Formalizing WSBPEL Business Processes Using Process Algebra. Electronic Notes in Theoretical Computer Science (ENTCS).
Dynamic enforcement of abstract separation of duty constraints. ESORICS '09 Proceedings of the 14th European conference on Research in computer security.
Separation of duties as a service. Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security.
Rumpole: a flexible break-glass access control model. Proceedings of the 16th ACM symposium on Access control models and technologies.
Obstruction-Free Authorization Enforcement: Aligning Security with Business Objectives. CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium.
Optimal workflow-aware authorizations. Proceedings of the 17th ACM symposium on Access Control Models and Technologies.
Separation of Duties (SoD) aims to prevent fraud and errors by distributing tasks and their associated authorizations among multiple users. Li and Wang [2008] proposed an algebra (SoDA) for specifying SoD requirements, which is both expressive in the requirements it formalizes and abstract in that it is not bound to a workflow model. In this article, we bridge the gap between the specification of SoD constraints modeled in SoDA and their enforcement in a dynamic, service-oriented enterprise environment. We proceed by generalizing SoDA's semantics to traces, modeling the workflow executions that satisfy the respective SoDA terms. We then refine the set of traces induced by a SoDA term to also account for a workflow's control flow and its role-based authorizations. Our formalization, which is based on the process algebra CSP, supports the enforcement of SoD on general workflows and handles role assignments that change during workflow execution, a well-known source of fraud. The resulting CSP model serves as a blueprint for a distributed and loosely coupled architecture in which SoD enforcement is provisioned as a service. This concept, which we call SoD as a Service, facilitates a separation of concerns between business experts and security professionals. As a result, integration and configuration efforts are minimized, and enterprises can quickly adapt to organizational, regulatory, and technological changes. We describe an implementation of SoD as a Service that combines commercial components, such as a workflow engine, with newly developed components, such as an SoD enforcement monitor. To evaluate our design decisions and to demonstrate the feasibility of our approach, we present a case study of a drug dispensation workflow deployed in a hospital.