Originator usage control with business process slicing
نویسندگان
چکیده
Originator Control allows information providers to define the information re-dissemination condition. Combined with usage control policy, fine-grained ’downstream usage control’ can be achieved, which specifies what attributes the downstream consumers should have and how data is used. This paper discusses originator usage control, paying particular attention to enterprise-level dynamic business federations. Rather than ’pre-defining’ the information re-dissemination paths, our business process slicing method ’capture’ the asset derivation pattern, allowing to maintain originators’ policies during the full lifecycle of assets in a collaborative context. First, we propose Service Call Graph (SCG), based on extending the System Dependency Graph, to describe dependencies among partners. When SCG (and corresponding ’service call tuple’ list) is built for a business process, it is analyzed to group partners into sub-contexts, according to their dependency relations. Originator usage control can be achieved focusing on each sub-context, by examining downstream consumers’ security profiles with upstream asset providers’ policies. Second, for analyzing SCG, we propose two ’slicing’ strategies, namely ’asset-based’ and ’request-based’ slicing, to deal with the scenarios of both ’pre-processing’ a business process scripts and ’on-the-fly’ analyzing service compositions. Last, our implementation work involves a ’context manager’ service for processing business processes defined in WS-BPEL. It can be composed with our former proposed policy negotiation and aggregation services to provide policy-based end-to-end security management. We also make experiments based on processing the sample processes that come with ’WS-BPEL2.0’ specification.
منابع مشابه
Originator Control in Usage Control
Originator Control is an access control policy that requires recipients to gain originator’s approval for redissemination of disseminated digital object. Originator control policies are one of the generic and key concerns of usage control. Usage control is an emerging concept which encompasses traditional access control and digital rights management solutions. However, current commercial Digita...
متن کاملIncreasing Accuracy of Process-based Fraud Detection Using a Behavior Model
Process-based fraud (PBF) is fraud caused by deviation from a business process model. Some studies have proposed methods for PBF detection; however, these are still not able to fully detect the occurrence of fraud. In this context, we propose a new method of PBF detection which carries out the behavior of the originators (users who perform events) to adjust the levels of fraud occured in the ev...
متن کاملStatic inter-BPEL program slicing for web services
Analysis and maintenance of BPEL programs play a vital role in assuring the quality of Web service software. In the paper, the concept of inter-service control flow graph (ISCFG) is proposed to represent the interaction behaviours between service units. Meanwhile, the traditional data flow analysis is extended to handle combinatorial structure of variables in BPEL program. Then, a method for co...
متن کاملThe Role of Program Slicing in Ripple Effect Analysis
Ripple Effect Analysis (REA) is an iterative process used to ensure consistency and integrity after changes are made to software. Many techniques, including program slicing, have been proposed to be used in this process with varying degrees of success. This paper shows how program slicing can be used in the REA process. Specifically this paper demonstrates the need of both forward and backward ...
متن کاملPersonalizing Textbooks with Slicing Technologies – Concept, Tools, Architecture, Collaborative Use
Electronic books are not yet heavily used because they still do not offer sufficient benefits. The Slicing Book approach is a new approach to electronic books offering personalized electronic textbooks for learners. Books are split into slices and the logical relationship between those slices is made explicite, e.g. what slice builds on knowledge provided by what other slices. This knowledge ca...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/1203.3263 شماره
صفحات -
تاریخ انتشار 2012