DocumentCode
2877012
Title
An XACML Extension for Business Process-Centric Access Control Policies
Author
Wolter, Christian ; Weiß, Christian ; Meinel, Christoph
Author_Institution
SAP Res. CEC Karlsruhe, Karlsruhe, Germany
fYear
2009
fDate
20-22 July 2009
Firstpage
166
Lastpage
169
Abstract
Administrative controls exist to ensure that business activities are correctly managed and controlled according to corporate and legal regulations. With many organisations reliant on complex IT solutions these controls relate to functionality of software. In this paper we present an extension for business process models to express administrative controls, such as role-based, mandatory or dynamic separation of duty access control policies on the abstraction level of business process models. A model-driven approach is applied to generate platform-specific policies. As an example we utilise the eXtensible Access Control Markup Language (XACML).
Keywords
authorisation; business data processing; corporate modelling; XACML; administrative controls; business activity; business process model; business process-centric access control policy; corporate regulation; duty access control; eXtensible Access Control Markup Language; legal regulation; role-based access control; Access control; Business communication; Communication system security; Control systems; Customer profiles; Data security; Information security; Information systems; Insurance; Protection; Access Control; Business Process; Model-Driven; XACML;
fLanguage
English
Publisher
ieee
Conference_Titel
Policies for Distributed Systems and Networks, 2009. POLICY 2009. IEEE International Symposium on
Conference_Location
London
Print_ISBN
978-0-7695-3742-9
Electronic_ISBN
978-0-7695-3742-9
Type
conf
DOI
10.1109/POLICY.2009.21
Filename
5197402
Link To Document