On evolving organizational models without losing control on authorization constraints in web service orchestrations

Proceedings - 12th IEEE International Conference on Commerce and Enterprise Computing, CEC 2010

Volumn , Issue , 2010, Pages 128-135

  Rinderle Ma, Stefanie ^a   Leitner, Maria ^a  

^a UNIVERSITY OF VIENNA   (Austria)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS RULES; AUTHORIZATION CONSTRAINTS; AUTHORIZED USERS; ORGANIZATIONAL CHANGE; ORGANIZATIONAL MODELS; RUNTIMES; SECURITY HOLES; WEB SERVICE ORCHESTRATION; WS-ORCHESTRATION;

ACCESS CONTROL; COMMERCE; INTELLIGENT AGENTS; MANAGEMENT; MULTI AGENT SYSTEMS;

WEB SERVICES;

EID: 79952372864     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CEC.2010.17     Document Type: Conference Paper

References (15)

1. E. Bertino, E. Ferrari, and V. Alturi. The specification and enforcement of authorization constraints in WFMS. ACM Transactions on Information and System Security, 2(1):65-104, 1999.
2. R. A. Botha and J. H. P. Eloff. Separation of duties for access control enforcement in workflow environments. IBM Systems Journal, 40(3):666-682, 2001. (Pubitemid 32933424)
3. F. Casati, S. Castano, and M. Fugini. Managing workflow authorization constraints through active database technology. Information Systems Frontiers, 3(3):319-338, 2001.
4. N. Desai, A. K. Chopra, and M. P. Singh. Amoeba: A methodology for modeling and evolving cross-organizational business processes. ACM Trans. Softw. Eng. Methodol., 19(2):1-45, 2009.
5. F. Dignum, V. Dignum, J. Padget, and J. Vazquez-Salceda. Organizing web services to develop dynamic, flexible, distributed systems. In Proc. Int'l Conf. Information Integration and Web-based Applications & Services, pages 225-234, 2009.
6. W. Huang and V. Atluri. SecureFlow: a secure web-enabled workflow management system. In Proc. ACM Workshop on Role-based access control, pages 83-94, 1999.
7. L. Ly, S. Rinderle-Ma, and P. Dadam. Design and verification of instantiable compliance rule graphs in Process-Aware information systems. In Proc. Int'l Conf. on Advanced Systems Engineering, pages 9-23, 2010.
8. J. Mendling, K. Ploesser, and M. Strembeck. Specifying separation of duty constraints in BPEL4People processes. In Springer, editor, Proc. Int'l Conf. Business Information Systems (BIS 2008), volume 7 of LNBIP, pages 273-284, 2008.
9. S. Rinderle and M. Reichert. A formal framework for adaptive access control models. Journal on Data Semantics, (IX):82-112, 2007.
10. S. Rinderle-Ma and M. Reichert. Managing the life cycle of access rules in CEOSIS. In Proc. Int'l Enterprise Computing Conference, pages 257-266, 2008.
11. S. Rinderle-Ma and M. Reichert. Comprehensive life cycle support for access rules in information systems: The CEOSIS project. Enterprise Information Syst., 3(3):219-251, 2009.
12. N. Russell, W. M. van der Aalst, A. H. ter Hofstede, and D. Edmond. Workflow resource patterns: Identification, representation and tool support. In Proc. Int'l Conf. Advanced Information Systems Engineering, pages 216-232. Springer, 2005.
13. A. H. M. ter Hofstede, W. M. P. van der Aalst, and M. Adams. Modern Business Process Automation. Springer, Nov. 2009.
14. B. van der Vecht, F. Dignum, J. Meyer, and V. Dignum. Organizations and autonomous agents: Bottom-Up dynamics of coordination mechanisms. In Coordination, Organizations, Institutions and Norms in Agent Systems IV, pages 17-32. Springer, 2009.
15. C. Wolter and A. Schaad. Modeling of Task-Based authorization constraints in BPMN. In Business Process Management, pages 64-79. Springer, 2007.