scholarly journals Self-Adaptive Role-Based Access Control for Business Processes

2017 ◽  
Author(s):  
Carlos Eduardo da Silva ◽  
Jose Diego Saraiva da Silva ◽  
Colin Paterson ◽  
Radu Calinescu
Keyword(s):  
Access Control ◽  
Business Processes ◽  
Role Based Access Control ◽  
Role Based ◽  
Adaptive Role ◽  
Self Adaptive

An Access Control Framework for WS-BPEL processes

2010 ◽  
pp. 492-515
Author(s):  
Federica Paci ◽  
Elisa Bertino ◽  
Jason Crampton
Keyword(s):  
Access Control ◽  
Human Activities ◽  
Business Processes ◽  
Control Model ◽  
Role Based Access Control ◽  
Control Framework ◽  
New Type ◽  
Separation Of Duty ◽  
Role Based ◽  
Bpel Processes

Business processes –the next generation workflows- have attracted considerable research interest in the last fifteen years. More recently, several XML-based languages have been proposed for specifying and orchestrating business processes, resulting in the WS-BPEL language. Even if WS-BPEL has been developed to specify automated business processes that orchestrate activities of multiple Web services, there are many applications and situations requiring that people be considered as additional participants that can influence the execution of a process. Significant omissions from WS-BPEL are the specification of activities that require interactions with humans to be completed, called human activities, and the specification of authorization information associating users with human activities in a WS-BPEL business process and authorization constraints, such as separation of duty, on the execution of human activities. In this chapter, we address these deficiencies by introducing a new type of WS-BPEL activity to model human activities and by developing RBAC-WS-BPEL, a role based access control model for WS-BPEL and BPCL, a language to specify authorization constraints.

Role-Based Risk Adaptive Access Control Model

2013 ◽  
Vol 416-417 ◽  
pp. 1516-1521
Author(s):  
Dan Hua Huang ◽  
Ya Qian Yang
Keyword(s):  
Access Control ◽  
Business Processes ◽  
Environmental Changes ◽  
Environmental Security ◽  
Experimental Result ◽  
User Needs ◽  
Role Based Access Control ◽  
Great Flexibility ◽  
Role Based ◽  
And Task

To solve the problem of only considering constraint verification and ignoring current running environmental security, Economical risk is applied in Role-Based Access Control (RBAC) to weigh user needs and environmental security according to context information and current environment. A model for Role-Based Risk Adaptive Access Control (RRAAC) combining traditional RBAC with new Risk Adaptable Access Control (RAdAC), and the method of risk calculation used in RRAAC model and its mathematic analysis and verification are presented in this paper. This RRAAC model has already been realized in a general personnel management system and experimental result shows that this model possesses great flexibility and certain adaptability coping with environmental changes during access control and task executing in business processes.

On Ontology of Integration Between Access Control and Business Process Deep Structure

2020 ◽  
pp. 226-246
Author(s):  
Sérgio Luís Guerreiro
Keyword(s):  
Access Control ◽  
Business Process ◽  
Business Processes ◽  
Deep Structure ◽  
Role Based Access Control ◽  
Access Control Models ◽  
Role Based ◽  
Industrial Standards ◽  
Logic Description ◽  
Gain Access

Access control models (ACM) offers the guarantee that only the qualified users can gain access to the artifacts contained in business processes. Business processes are designed, implemented, and operated using many industrial standards that challenge the interoperation with access control standards. Enterprise engineering (EE) introduces rigorous capabilities to design and implement the essential concepts related with the dynamic of business processes. ACM deals with the systematic design and implementation of dynamic and static access control concepts to qualify the access of the users to the artifacts. This chapter proposes an ontological integration between EE and ACM concepts in order to enable the discussion of access control in the deep structure of the business processes. ACM integrated with EE allow the run-time qualification of the actors while they perform all the business process steps and not only at invocation time. The proposal encompasses business process designed with DEMO ontology and role-based access control concepts using a mathematical model logic description.

scholarly journals The Design and Implementation of the Complicated Resource System Based on RBAC Model

2012 ◽  
Vol 6-7 ◽  
pp. 273-278
Author(s):  
Yan Chen ◽  
Chao Luo ◽  
Can Ying Huang ◽  
Shang Ping He
Keyword(s):  
Access Control ◽  
Business Processes ◽  
Control Mode ◽  
Role Based Access Control ◽  
Resource Model ◽  
Application System ◽  
Design And Implementation ◽  
Role Based ◽  
Resource System

As a key access control mode that multiple characters application system is presently used , RBAC(Role-Based Access Control) can solve the problem of dynamic multi-users and multiple characters excellently, but when facing complicated resource types and business processes, it must be expanding on that basis. The article has put forward and realized a permissions model which can solve complicated resource system and business processes—resource model.

AN ADAPTIVE ROLE-BASED ACCESS CONTROL APPROACH FOR CLOUD E-HEALTH SYSTEMS

2017 ◽  
Vol 2 (3) ◽  
pp. 26-37
Author(s):  
Amer Al-Badarneh ◽  
◽  
Hassan Najadat ◽  
Enas 'Hassan Abu Yabes' ◽  
◽  
...  
Keyword(s):  
Access Control ◽  
Health Systems ◽  
Role Based Access Control ◽  
Control Approach ◽  
Role Based ◽  
Adaptive Role

An Access Control Framework for WS-BPEL Processes

2013 ◽  
pp. 310-334
Author(s):  
Federica Paci ◽  
Elisa Bertino ◽  
Jason Crampton
Keyword(s):  
Access Control ◽  
Human Activities ◽  
Business Processes ◽  
Control Model ◽  
Role Based Access Control ◽  
Control Framework ◽  
New Type ◽  
Separation Of Duty ◽  
Role Based ◽  
Bpel Processes

Business processes –the next generation workflows- have attracted considerable research interest in the last fifteen years. More recently, several XML-based languages have been proposed for specifying and orchestrating business processes, resulting in the WS-BPEL language. Even if WS-BPEL has been developed to specify automated business processes that orchestrate activities of multiple Web services, there are many applications and situations requiring that people be considered as additional participants that can influence the execution of a process. Significant omissions from WS-BPEL are the specification of activities that require interactions with humans to be completed, called human activities, and the specification of authorization information associating users with human activities in a WS-BPEL business process and authorization constraints, such as separation of duty, on the execution of human activities. In this chapter, we address these deficiencies by introducing a new type of WS-BPEL activity to model human activities and by developing RBAC-WS-BPEL, a role based access control model for WS-BPEL and BPCL, a language to specify authorization constraints.

Sign in / Sign up

Export Citation Format

Share Document