Controlling Usage in Business Process Workflows through Fine-Grained Security Policies
نویسندگان
چکیده
We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in a distributed map processing scenario such that the policies constrain service interactions in the workflow according to the security requirements of each entity participating in the work-
منابع مشابه
Originator usage control with business process slicing
Originator Control allows information providers to define the information re-dissemination condition. Combined with usage control policy, fine-grained ’downstream usage control’ can be achieved, which specifies what attributes the downstream consumers should have and how data is used. This paper discusses originator usage control, paying particular attention to enterprise-level dynamic business...
متن کاملAccess and Usage Control in Grid
Grid is a computational environment where heterogeneous resources are virtualized and outsourced to multiple users across the Internet. The increasing popularity of the resources visualization is explained by the emerging suitability of such technology for automated execution of heavy parts of business and research processes. Efficient and flexible framework for the access and usage control ove...
متن کاملThe Flask Security Architecture: System Support for Diverse Security Policies
Operating systems must be flexible in their support for security policies, providing sufficient mechanisms for supporting the wide variety of real-world security policies. Such flexibility requires controlling the propagation of access rights, enforcing fine-grained access rights and supporting the revocation of previously granted access rights. Previous systems are lacking in at least one of t...
متن کاملSecuring Inter-Organizational Workflows in Highly Dynamic Environments through Biometric Authentication
High flexibility demands of business processes in an inter-organizational context potentially conflict with existing security needs, mainly implied by regulative and legal requirements. In order to comply with these it has to be ensured that access to information within the workflow is restricted to authorized participants. Furthermore, the system might be required to prove this retrospectively...
متن کاملA Prototype Secure Workflow Server
Workflow systems provide automated support that enables organizations to efficiently and reliably move important data through their routine business processes. For some organizations, the information processed by their workflow systems is highly valued and in need of protection from disclosure or corruption. Current workflow systems do not help organizations to adequately protect this important...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008