Workflow access control from A business perspective

ICEIS 2004 - Proceedings of the Sixth International Conference on Enterprise Information Systems

Volumn , Issue , 2004, Pages 18-25

  Domingos, Dulce ^a,b   Rito Silva, António ^b   Veiga, Pedro ^a  

^a UNIVERSITY OF LISBON   (Portugal)

^b INESC ID   (Portugal)

Author keywords

Business modelling; Workflow access control

Indexed keywords

COMPUTER SIMULATION; CONSTRAINT THEORY; DATA PROCESSING; IDENTIFICATION (CONTROL SYSTEMS); INFORMATION MANAGEMENT; INFORMATION RETRIEVAL SYSTEMS;

BUSINESS MODELLING; BUSINESS PROCESS MODELS; WORK ANALYSIS REFINEMENT MODELLING (WARM); WORKFLOW ACCESS CONTROL;

CONTROL SYSTEMS;

EID: 8444249279     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (21)

1. Atluri, V., & Huang, W. (1996). An authorization Model for workflows. In Proceedings of the 5th European symposium on research in computer security. Rome, Italy, pp 44-64.
2. Bertino, E., Ferrari, E., & Atluri, V. (1999). The specification and enforcement of authorization constraint in workflow management systems. ACM Transactions on Information and System Security, vol. 2, n°1, pp. 65-104.
3. Bittner, K., Spence, I., & Jacobson, I. (2002). Use Case Modeling, Addison Wesley Professional.
4. Botha, R.A., & Eloff, J.H.P. (200la). Designing Role Hierarchies for Access Control In Workflow Systems. In Proceedings of the 25th Annual International Computer Software and Applications Conference (COMPSAC'01), Chicago, Illinois.
5. Botha, R.A., & Eloff, J.H.P. (2001b). Separation of Duties for Access Control in Workflow Environments. IBM Systems Journal, vol. 40, no. 3, pp. 666-682.
6. Casati, F., Castano, S. & Fugini, M. (1999). Managing Workflow Authorization Constraints through Active Database Technology. Information Systems Frontiers, 3, 3.
7. Eriksson, H., & Penker, M. (2000). Business Modeling with UML, Business Patterns at Work. John Wiley & Sons.
8. Fernandez, E.B., & Hawkins, J.C. (November 1997). Determining role rights from use cases. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control, pp. 121-125.
9. Foote, B., & Yoder, J. (August 1998). Metadata and Active Objects-Models. In Proceedings of the Fifth Conference on Pattern Languages of Programs (PLOP 98). Illinois, USA.
10. Holbein, R., Teufel, S., & Bauknecht, K. (1996a). A Formal Security Design Approach for Information Exchange in Organisations. In proceedings of the 9th annual IFIP TC11 WG11.3 working conference on Database security DC : status and prospects. 267-285.
11. Holbein, R., Teufel, S., & Bauknecht, K. (1996b). The use of business process models for security design in organisations. In Proceedings of 20th International Conference on Information Security (IFIP SEC96 TC 11), Samos, Greece, Chapman & Hall, London, UK, 13-22.
12. Hollingsworth, D. (1995). The Workflow Reference Model. Document Number TC-00-1003. Issue 1.1.
13. Kandala, S., & Sandhu, R. (2001). Secure Role-Based Workflow Models. In Proceedings of the 15th Annual IFIP WG 11.3. Canada.
14. Kang, M., Park, J. & Froscher, J. (2001). Access Control Mechanisms for Inter-Organizational Workflow. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies, Chantilly, VA, 66-74.
15. Manolescu, D. (2001). Micro-workflow: a workflow architecture supporting compositional object-oriented software development. PhD Thesis. University of Illinois at Urbana-Champaign.
16. Miller, J., Fan, M., Wu, S., Arpinar, I., Sheth, A. & Kochut, K. (1999). Security for the METEOR Workflow Management System. Technical Report #UGA-CS-LSDIS-TR-99-010, University of Georgia, 33 pages.
17. Nitsche, U., Holbein, R., Morger, O., & Teufel, S. (1998). Realization of a Context-Dependent Access Control Mechanism on a Commercial Platform. In Proceedings of the 14th Int. Information Security Conf. IFIP/Sec'98, part of the 15th IFIP World Computer Congress, pp 160-170.
18. Sandhu, R., Coyne, E., Feinstein, H. & Youman, C. (1996). 'Role-Based Access Control Models'. IEEE Computer, vol. 29, no. 2.
19. Sharp, A., & McDermott, P. (2002). Workflow Modeling: Tools for Process Improvement and Application Development. Artech House.
20. Thomas, R., & Sandhu, R. (1997). Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management. In proceedings of the IFIP WG11.3 Workshop on Database Security, Lake Tahoe, California.
21. Vieira, P., & Rito-Silva, A. (2003). Work Analysis Refinement Modeling. INESC-ID Technical Report.