Enterprises are rapidly extending their relatively stable and internally-oriented business processes and applications with loosely-coupled enterprise software services in order to support highly dynamic, cross-organizational business processes. These services are no longer solely based on internal enterprise systems, but often implemented, deployed and executed by diverse, external service providers. The ability to dynamically configure cross-organizational business processes with a mixture of internal and external services imposes new security requirements on existing security models.

In this paper, we address the problem of defining and enforcing access control rules for securing service invocations in the context of a business process. For this purpose, we amortize existing role-based access control models that allow for dynamic delegation and retraction of authorizations. Authorizations are assigned on an event-driven basis, implementing a push-based interaction protocol between services. This novel security model is entitled the Event-driven Framework for Service Oriented Computing (EFSOC). In addition, this article presents an experimental prototype that is explored using a realistic case study.