메뉴 건너뛰기




Volumn 53, Issue 5, 2011, Pages 456-483

Modeling process-related RBAC models with extended UML activity models

Author keywords

Process modeling; Role engineering; Role based access control; Systems modeling; UML

Indexed keywords

PROCESS MODELING; ROLE ENGINEERING; ROLE-BASED ACCESS CONTROL; SYSTEMS MODELING; UML;

EID: 79952439750     PISSN: 09505849     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.infsof.2010.11.015     Document Type: Conference Paper
Times cited : (97)

References (103)
  • 1
    • 0032627183 scopus 로고    scopus 로고
    • Formalization and verification of event-driven process chains
    • W.M.P. van der Aalst Formalization and verification of event-driven process chains Information and Software Technology 41 10 1999
    • (1999) Information and Software Technology , vol.41 , Issue.10
    • Van Der Aalst, W.M.P.1
  • 5
    • 38349100724 scopus 로고    scopus 로고
    • Constraint based role based access control in the SECTET-framework - A model-driven approach
    • M. Alam, M. Hafner, and R. Breu Constraint based role based access control in the SECTET-framework - a model-driven approach Journal of Computer Security 16 2 2008
    • (2008) Journal of Computer Security , vol.16 , Issue.2
    • Alam, M.1    Hafner, M.2    Breu, R.3
  • 8
    • 18544381785 scopus 로고    scopus 로고
    • Guidelines of business process modeling
    • Business Process Management, Models, Techniques, and Empirical Studies, Springer Verlag
    • J. Becker, M. Rosemann, and C. von Uthmann Guidelines of business process modeling Business Process Management, Models, Techniques, and Empirical Studies Lecture Notes in Computer Science (LNCS) vol. 1806 2000 Springer Verlag
    • (2000) Lecture Notes in Computer Science (LNCS) , vol.1806
    • Becker, J.1    Rosemann, M.2    Von Uthmann, C.3
  • 11
    • 0034810791 scopus 로고    scopus 로고
    • Separation of duties for access control enforcement in workflow environments
    • R.A. Botha, and J.H.P. Eloff Separation of duties for access control enforcement in workflow environments IBM Systems Journal 40 3 2001
    • (2001) IBM Systems Journal , vol.40 , Issue.3
    • Botha, R.A.1    Eloff, J.H.P.2
  • 13
    • 57849114441 scopus 로고    scopus 로고
    • Compliance deconstructed
    • J.C. Cannon, and M. Byers Compliance deconstructed ACM Queue 4 7 2006
    • (2006) ACM Queue , vol.4 , Issue.7
    • Cannon, J.C.1    Byers, M.2
  • 25
    • 29244463832 scopus 로고    scopus 로고
    • An MDA approach to access control specifications using MOF and UML profiles
    • DOI 10.1016/j.entcs.2004.12.045, PII S1571066105052175
    • T. Fink, M. Koch, K. Pauls, An MDA approach to access control specifications using MOF and UML profiles, in: Proceedings of the First International Workshop on Views on Designing Complex Architectures (VODCA), Electronic Notes in Theoretical Computer Science, vol. 142, January 2006, pp. 161-179. (Pubitemid 41828098)
    • (2006) Electronic Notes in Theoretical Computer Science , vol.142 , Issue.SPEC. ISSUE , pp. 161-179
    • Fink, T.1    Koch, M.2    Pauls, K.3
  • 30
    • 79952450944 scopus 로고    scopus 로고
    • ISO, Information technology - Security techniques - Information security management systems - Requirements, ISO/IEC 27001:2005, Stage: 90.92, October 2008
    • ISO, Information technology - Security techniques - Information security management systems - Requirements, ISO/IEC 27001:2005, Stage: 90.92, October 2008, < http://www.iso.org/iso/iso-catalogue/catalogue-tc/catalogue-detail. htm?csnumber=42103 >.
  • 31
    • 79952451396 scopus 로고    scopus 로고
    • ISO, Information technology - Security techniques - Information security management systems - Overview and vocabulary, ISO/IEC 27000:2009, Stage: 60.60, April 2009
    • ISO, Information technology - Security techniques - Information security management systems - Overview and vocabulary, ISO/IEC 27000:2009, Stage: 60.60, April 2009, < http://www.iso.org/iso/iso-catalogue/catalogue-tc/catalogue- detail.htm?csnumber=41933 >.
  • 34
    • 57049136634 scopus 로고    scopus 로고
    • Model-based run-time checking of security permissions using guarded objects
    • Proceedings of the 8th International Workshop on Runtime Verification, Springer Verlag
    • J. Jürjens Model-based run-time checking of security permissions using guarded objects Proceedings of the 8th International Workshop on Runtime Verification Lecture Notes in Computer Science (LNCS) vol. 5289 2008 Springer Verlag
    • (2008) Lecture Notes in Computer Science (LNCS) , vol.5289
    • Jürjens, J.1
  • 36
    • 26444476433 scopus 로고    scopus 로고
    • An MDA approach towards integrating formal and informal modeling languages
    • FM 2005: Formal Methods: International Symposium of Formal Methods Europe. Proceedings
    • S.K. Kim, D. Burger, and D.A. Carrington An MDA approach towards integrating formal and informal modeling languages International Symposium of Formal Methods Europe Lecture Notes in Computer Science (LNCS) vol. 3582 2005 Springer Verlag 448 464 (Pubitemid 41436073)
    • (2005) Lecture Notes in Computer Science , vol.3582 , pp. 448-464
    • Kim, S.-K.1    Burger, D.2    Carrington, D.3
  • 37
    • 27544451161 scopus 로고    scopus 로고
    • On the semantics of EPCs: Resolving the vicious circle
    • E. Kindler On the semantics of EPCs: resolving the vicious circle Data & Knowledge Engineering (DKE) 56 1 2006
    • (2006) Data & Knowledge Engineering (DKE) , vol.56 , Issue.1
    • Kindler, E.1
  • 38
    • 37849187634 scopus 로고    scopus 로고
    • UML specification of access control policies and their formal verification
    • DOI 10.1007/s10270-006-0030-z
    • M. Koch, and F. Parisi-Presicce UML specification of access control policies and their formal verification Software and System Modeling 5 4 2006 429 447 (Pubitemid 44824555)
    • (2006) Software and Systems Modeling , vol.5 , Issue.4 , pp. 429-447
    • Koch, M.1    Parisi-Presicce, F.2
  • 40
    • 0019608720 scopus 로고
    • Formal models for computer security
    • C.E. Landwehr Formal models for computer security ACM Computing Surveys 13 3 1981
    • (1981) ACM Computing Surveys , vol.13 , Issue.3
    • Landwehr, C.E.1
  • 43
    • 49449083108 scopus 로고    scopus 로고
    • Beyond separation of duty: An algebra for specifying high-level security policies
    • N. Li, and Q. Wang Beyond separation of duty: an algebra for specifying high-level security policies Journal of the ACM (JACM) 55 3 2008
    • (2008) Journal of the ACM (JACM) , vol.55 , Issue.3
    • Li, N.1    Wang, Q.2
  • 46
    • 67349106826 scopus 로고    scopus 로고
    • Metrics for Process Models: Empirical Foundations of Verification, Error Prediction and Guidelines for Correctness
    • Springer Verlag
    • J. Mendling Metrics for Process Models: Empirical Foundations of Verification, Error Prediction and Guidelines for Correctness Lecture Notes in Business Information Processing (LNBIP) vol. 6 2008 Springer Verlag
    • (2008) Lecture Notes in Business Information Processing (LNBIP) , vol.6
    • Mendling, J.1
  • 47
    • 38149048455 scopus 로고    scopus 로고
    • Formalization and verification of EPCs with OR-joins based on state and context
    • Proceedings of the 19th Conference on Advanced Information Systems Engineering (CAiSE)
    • J. Mendling, and W.M.P. van der Aalst Formalization and verification of EPCs with OR-joins based on state and context J. Krogstie, A.L. Opdahl, G. Sindre, Proceedings of the 19th Conference on Advanced Information Systems Engineering (CAiSE) Lecture Notes in Computer Science vol. 4495 2007 Springer Verlag Trondheim, Norway
    • (2007) Lecture Notes in Computer Science , vol.4495
    • Mendling, J.1    Van Der Aalst, W.M.P.2
  • 48
    • 70350051021 scopus 로고    scopus 로고
    • Specifying separation of duty constraints in BPEL4People processes
    • Proceedings of the 11th International Conference on Business Information Systems (BIS), Springer-Verlag
    • J. Mendling, K. Ploesser, and M. Strembeck Specifying separation of duty constraints in BPEL4People processes Proceedings of the 11th International Conference on Business Information Systems (BIS) Lecture Notes in Business Information Processing (LNBIP) vol. 7 2008 Springer-Verlag
    • (2008) Lecture Notes in Business Information Processing (LNBIP) , vol.7
    • Mendling, J.1    Ploesser, K.2    Strembeck, M.3
  • 51
    • 33745167684 scopus 로고    scopus 로고
    • When and how to develop domain-specific languages
    • M. Mernik, J. Heering, and A.M. Sloane When and how to develop domain-specific languages ACM Computing Surveys 37 4 2005 316 344 (Pubitemid 43898543)
    • (2005) ACM Computing Surveys , vol.37 , Issue.4 , pp. 316-344
    • Mernik, M.1    Heering, J.2    Sloane, A.M.3
  • 53
    • 0024645936 scopus 로고
    • Petri nets: Properties, analysis and applications
    • T. Murata Petri nets: properties, analysis and applications Proceedings of the IEEE 77 4 1989
    • (1989) Proceedings of the IEEE , vol.77 , Issue.4
    • Murata, T.1
  • 57
    • 0038825675 scopus 로고    scopus 로고
    • Task-role-based access control model
    • S. Oh, and S. Park Task-role-based access control model Information Systems 28 6 2003
    • (2003) Information Systems , vol.28 , Issue.6
    • Oh, S.1    Park, S.2
  • 60
    • 79952454715 scopus 로고    scopus 로고
    • OMG, Meta Object Facility (MOF): Core Specification, Version 2.0, formal/06-01-01, The Object Management Group January
    • OMG, Meta Object Facility (MOF): Core Specification, Version 2.0, formal/06-01-01, The Object Management Group, January 2006, < http://www.omg.org/spec/MOF/2.0/ >.
    • (2006)
  • 67
    • 34247151648 scopus 로고    scopus 로고
    • A BPMN extension for the modeling of security requirements in business processes
    • DOI 10.1093/ietisy/e90-d.4.745
    • Alfonso Rodríguez, Eduardo Fernández-Medina, and Mario Piattini A BPMN extension for the modeling of security requirements in business processes IEICE Transactions on Information and Systems 90-D 4 2007 745 752 (Pubitemid 46600133)
    • (2007) IEICE Transactions on Information and Systems , vol.E90-D , Issue.4 , pp. 745-752
    • Rodriguez, A.1    Fernandez-Medina, E.2    Piattini, M.3
  • 68
    • 25144499038 scopus 로고    scopus 로고
    • Workflow resource patterns: Identification, representation and tool support
    • Advanced Information Systems Engineering: 17th International Conference, CAiSE 2005. Proceedings
    • N. Russell, W.M.P. van der Aalst, A.H.M. ter Hofstede, and D. Edmond Workflow resource patterns: identification, representation and tool support O. Pastor, J. Falcão e Cunha, Proceedings of the 17th International Conference on Advanced Information Systems Engineering, CAiSE 2005, Porto, Portugal, June 13-17, 2005 Lecture Notes in Computer Science vol. 3520 2005 Springer 216 232 (Pubitemid 41336105)
    • (2005) Lecture Notes in Computer Science , vol.3520 , pp. 216-232
    • Russell, N.1    Van Der Aalst, W.M.P.2    Ter Hofstede, A.H.M.3    Edmond, D.4
  • 71
    • 0028513932 scopus 로고
    • Access control: Principles and practice
    • R.S. Sandhu, and P. Samarati Access control: principles and practice IEEE Communications 32 9 1994
    • (1994) IEEE Communications , vol.32 , Issue.9
    • Sandhu, R.S.1    Samarati, P.2
  • 73
    • 33344465743 scopus 로고    scopus 로고
    • Model-driven engineering - Guest editor's introduction
    • Douglas C. Schmidt Model-driven engineering - guest editor's introduction Computer 39 2 2006
    • (2006) Computer , vol.39 , Issue.2
    • Schmidt, D.C.1
  • 74
    • 0141725660 scopus 로고    scopus 로고
    • The pragmatics of model-driven development
    • B. Selic The pragmatics of model-driven development IEEE Software 20 5 2003
    • (2003) IEEE Software , vol.20 , Issue.5
    • Selic, B.1
  • 75
    • 0141725642 scopus 로고    scopus 로고
    • Model transformation: The heart and soul of model-driven software development
    • S. Sendall, and W. Kozaczynski Model transformation: the heart and soul of model-driven software development IEEE Software 20 5 2003
    • (2003) IEEE Software , vol.20 , Issue.5
    • Sendall, S.1    Kozaczynski, W.2
  • 77
    • 33646027053 scopus 로고    scopus 로고
    • Specification and validation of authorisation constraints using UML and OCL
    • Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS), Springer Verlag
    • K. Sohr, G.J. Ahn, M. Gogolla, and L. Migge Specification and validation of authorisation constraints using UML and OCL Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS) Lecture Notes in Computer Science (LNCS) vol. 3679 2005 Springer Verlag
    • (2005) Lecture Notes in Computer Science (LNCS) , vol.3679
    • Sohr, K.1    Ahn, G.J.2    Gogolla, M.3    Migge, L.4
  • 80
    • 0346026383 scopus 로고    scopus 로고
    • Notable design patterns for domain-specific languages
    • PII S0164121200000893
    • D. Spinellis Notable design patterns for domain-specific languages Journal of Systems and Software 56 1 2001 91 99 (Pubitemid 33649529)
    • (2001) Journal of Systems and Software , vol.56 , Issue.1 , pp. 91-99
    • Spinellis, D.1
  • 82
  • 86
    • 77249095368 scopus 로고    scopus 로고
    • Scenario-driven role engineering
    • M. Strembeck Scenario-driven role engineering IEEE Security & Privacy 8 1 2010
    • (2010) IEEE Security & Privacy , vol.8 , Issue.1
    • Strembeck, M.1
  • 87
    • 78650098860 scopus 로고    scopus 로고
    • Generic algorithms for consistency checking of mutual-exclusion and binding constraints in a business process context
    • Proceedings of the 18th International Conference on Cooperative Information Systems (CoopIS), Springer Verlag
    • M. Strembeck, and J. Mendling Generic algorithms for consistency checking of mutual-exclusion and binding constraints in a business process context Proceedings of the 18th International Conference on Cooperative Information Systems (CoopIS) Lecture Notes in Computer Science (LNCS) vol. 6426 2010 Springer Verlag
    • (2010) Lecture Notes in Computer Science (LNCS) , vol.6426
    • Strembeck, M.1    Mendling, J.2
  • 89
    • 70349874815 scopus 로고    scopus 로고
    • An approach for the systematic development of domain-specific languages
    • M. Strembeck, and U. Zdun An approach for the systematic development of domain-specific languages Software: Practice and Experience (SP&E) 39 15 2009
    • (2009) Software: Practice and Experience (SP&E) , vol.39 , Issue.15
    • Strembeck, M.1    Zdun, U.2
  • 91
    • 0031387996 scopus 로고    scopus 로고
    • Team-based access control (TMAC): A primitive for applying role-based access controls in collaborative environments
    • R.K. Thomas, Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments, in: Proceedings of the ACM Workshop on Role Based Access Control, 1997.
    • (1997) Proceedings of the ACM Workshop on Role Based Access Control
    • Thomas, R.K.1
  • 92
    • 0002841051 scopus 로고    scopus 로고
    • Task-based authorization controls (TBAC): A family of models for active and enterprise-oriented authorization management
    • August
    • R.K. Thomas, R.S. Sandhu, Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management, in: Proceedings of the IFIP WG11.3 Conference on Database Security, August 1997.
    • (1997) Proceedings of the IFIP WG11.3 Conference on Database Security
    • Thomas, R.K.1    Sandhu, R.S.2
  • 93
    • 0000974483 scopus 로고    scopus 로고
    • The state explosion problem
    • Lectures on Petri Nets I: Basic Models, Advances in Petri Nets, the volumes are based on the Advanced Course on Petri Nets, held in Dagstuhl, September 1996, Springer Verlag
    • A. Valmari The state explosion problem Lectures on Petri Nets I: Basic Models, Advances in Petri Nets, the volumes are based on the Advanced Course on Petri Nets, held in Dagstuhl, September 1996 Lecture Notes in Computer Science (LNCS) vol. 1491 1998 Springer Verlag
    • (1998) Lecture Notes in Computer Science (LNCS) , vol.1491
    • Valmari, A.1
  • 96
    • 35048840185 scopus 로고    scopus 로고
    • Specifying role-based access constraints with object constraint language
    • Proceedings of the 6th Asia-Pacific Conference Advanced Web Technologies and Applications, Springer Verlag
    • H. Wang, Y. Zhang, J. Cao, and J. Yang Specifying role-based access constraints with object constraint language Proceedings of the 6th Asia-Pacific Conference Advanced Web Technologies and Applications Lecture Notes in Computer Science (LNCS) vol. 3007 2004 Springer Verlag
    • (2004) Lecture Notes in Computer Science (LNCS) , vol.3007
    • Wang, H.1    Zhang, Y.2    Cao, J.3    Yang, J.4
  • 98
    • 33750014264 scopus 로고    scopus 로고
    • On the suitability of BPMN for business process modelling
    • Proceedings of the 4th International Conference on Business Process Management (BPM), Springer Verlag
    • P. Wohed, W.M.P. van der Aalst, M. Dumas, A.H.M. ter Hofstede, and N. Russell On the suitability of BPMN for business process modelling Proceedings of the 4th International Conference on Business Process Management (BPM) Lecture Notes in Computer Science (LNCS) vol. 4102 2006 Springer Verlag
    • (2006) Lecture Notes in Computer Science (LNCS) , vol.4102
    • Wohed, P.1    Van Der Aalst, W.M.P.2    Dumas, M.3    Ter Hofstede, A.H.M.4    Russell, N.5
  • 100
    • 38049132539 scopus 로고    scopus 로고
    • Modeling of task-based authorization constraints in BPMN
    • 5th International Conference on Business Process Management (BPM)
    • C. Wolter, and A. Schaad Modeling of task-based authorization constraints in BPMN G. Alonso, P. Dadam, M. Rosemann, 5th International Conference on Business Process Management (BPM) Lecture Notes in Computer Science vol. 4714 2007 Springer 64 79
    • (2007) Lecture Notes in Computer Science , vol.4714 , pp. 64-79
    • Wolter, C.1    Schaad, A.2
  • 101
    • 44849101712 scopus 로고    scopus 로고
    • Patterns of component and language integration
    • U. Zdun Patterns of component and language integration D. Manolescu, M. Voelter, J. Noble, Pattern Languages of Program Design vol. 5 2006 Addison Wesley
    • (2006) Pattern Languages of Program Design , vol.5
    • Zdun, U.1
  • 102
    • 33749389718 scopus 로고    scopus 로고
    • Modeling composition in dynamic programming environments with model transformations
    • Proceedings of the 5th International Symposium on Software Composition, Springer-Verlag
    • U. Zdun, and M. Strembeck Modeling composition in dynamic programming environments with model transformations Proceedings of the 5th International Symposium on Software Composition Lecture Notes in Computer Science (LNCS) vol. 4089 2006 Springer-Verlag
    • (2006) Lecture Notes in Computer Science (LNCS) , vol.4089
    • Zdun, U.1    Strembeck, M.2


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.