Title :
Secure Business Processes in Service-Oriented Architectures -- A Requirements Analysis
Author :
Müller, Jens ; Mülle, Jutta ; Von Stackelberg, Silvia ; Böhm, Klemens
Author_Institution :
Inst. for Program Struct. & Data Organ., Karlsruhe Inst. of Technol., Karlsruhe, Germany
Abstract :
Business-process-management systems are increasingly used in service-oriented architectures (SOA), coordinating activities of loosely coupled information systems, of web services, and of human actors. This often requires exchanging and processing sensitive, personally-identifiable information, e.g., in e-employability and e-health applications. Supporting security in such a service-oriented environment is challenging. Existing approaches focus on security in service-oriented architectures but neglect business-process specific characteristics. Motivated by a real-world business process from the e-employability domain, in this paper we collect security requirements, exploiting the specific properties and semantics of business processes. We evaluate the requirements with respect to the state of the art of suitable security mechanisms and identify possible solutions as well as remaining gaps. We see this article as an important prerequisite for the design and implementation of advanced security mechanisms for business processes.
Keywords :
authorisation; business data processing; formal specification; information systems; service-oriented architecture; SOA; Web services; business process management system; e-employability domain; information system; requirements analysis; secure business processes; security requirement; service-oriented architecture; business process management; security; service-oriented architectures;
Conference_Titel :
Web Services (ECOWS), 2010 IEEE 8th European Conference on
Conference_Location :
Ayia Napa
Print_ISBN :
978-1-4244-9397-5
DOI :
10.1109/ECOWS.2010.24
