In recent years, workflow management systems (WFMSs) have gained popularity in both research and commercial sectors. WFMSs are used to coordinate and streamline business processes. Very large WFMSs are often used in organizations with users in the range of several thousands and process instances in the range of tens and thousands. To simplify the complexity of security administration, it is common practice in many businesses to allocate a role for each activity in the process and then assign one or more users to each role—granting an authorization to roles rather than to users. Typically, security policies are expressed as constraints (or rules) on users and roles; separation of duties is a well-known constraint. Unfortunately, current role-based access control models are not adequate to model such constraints. To address this issue we (1) present a language to express both static and dynamic authorization constraints as clauses in a logic program; (2) provide formal notions of constraint consistency; and (3) propose algorithms to check the consistency of constraints and assign users and roles to tasks that constitute the workflow in such a way that no constraints are violated.