Modelling Inter-organizational Workflow Security in a Peer-to-Peer Environment

Authors:
Michael Hafner;Michael Breur;Ruth Breu;Andrea Nowak
Affiliations:
Universität Innsbruck, Institut für Informatik;Universität Innsbruck, Institut für Informatik;Universität Innsbruck, Institut für Informatik;ARC Seibersdorf Research, Kramergasse
Venue:
ICWS '05 Proceedings of the IEEE International Conference on Web Services
Year:
2005

Citing 0
Cited 13

Constraint based role based access control in the SECTET-framework: A model-driven approach

Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet

Models in Software Engineering
A constraint based role based access control in the SECTET a model-driven approach

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Constraint based role based access control (CRBAC) for restricted administrative delegation constraints in the SECTET

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
GoCoMM: a governance and compliance maturity model

Proceedings of the first ACM workshop on Information security governance
Model driven security engineering for the realization of dynamic security requirements in collaborative systems

MoDELS'06 Proceedings of the 2006 international conference on Models in software engineering
Towards a MOF/QVT-Based domain architecture for model driven security

MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
From inter-organizational workflows to process execution: generating BPEL from WS-CDL

OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems
A framework for modeling restricted delegation in service oriented architecture

TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Realizing model driven security for inter-organizational workflows with WS-CDL and UML 2.0

MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
Semantic service composition framework for multidomain ubiquitous computing applications

ICSOC'12 Proceedings of the 10th international conference on Service-Oriented Computing
Not Ready for Prime Time: A Survey on Security in Model Driven Development

International Journal of Secure Software Engineering
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

The many conflicting technical, organizational, legal and domain-level constraints make the implementation of secure, inter-organizational workflows a very complex task, which is bound to low-level technical knowledge and error prone. The SECTINO project provides a framework for the realization and the high-level management of security-critical workflows based on the paradigm of Model Driven Security. In our case the models are translated into runtime artefacts that configure a target reference architecture based on web services technologies. In this paper we focus on the Global Workflow Model, which captures the message exchange protocol between partners cooperating in a distributed environments well as basic security patterns. We show how the model maps to workflow and security components of the hosting environments at the partner nodes.