loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Vahid R. Karimi and Donald D. Cowan

Affiliation: University of Waterloo, Canada

Keyword(s): Access control models and policies, Business processes, Patterns, RBAC, REA.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Internet Technology ; Secure Software Development Methodologies ; Security Engineering ; Security in Information Systems ; Security Information Systems Architecture and Design and Security Patterns ; Web Information Systems and Technologies

Abstract: A business model describes certain operations of an enterprise, and an important aspect of business operations deals with the specification of access control policies, which are used to constrain the business operations by adding what should, could, or must be. We describe the use of patterns for presenting access control models and policies. Our goal is to specify access control policies such that they are based on access control models and have the capability of policy languages, thereby making the foundational blocks of these policies and operational models identical. Thus, the integration of these policies into operational models is straightforward. To show our approach, we use Role-based Access Control (RBAC), a well-known access control model, and also select a business process model whose foundational building blocks are Resources, Events, and Agents (REA). We make three main contributions: 1) the use of the same foundational building blocks and similar models to describe busi ness processes and access control models, 2) access control policies that are based on an access control model, and 3) access control policies that are rule-based and akin to policy languages. As a result, such models are more understandable, and their future modifications are more straightforward. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.144.237.3

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
R. Karimi, V. and D. Cowan, D. (2010). ACCESS CONTROL MODELS FOR BUSINESS PROCESSES. In Proceedings of the International Conference on Security and Cryptography (ICETE 2010) - SECRYPT; ISBN 978-989-8425-18-8; ISSN 2184-3236, SciTePress, pages 489-498. DOI: 10.5220/0002959904890498

@conference{secrypt10,
author={Vahid {R. Karimi}. and Donald {D. Cowan}.},
title={ACCESS CONTROL MODELS FOR BUSINESS PROCESSES},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2010) - SECRYPT},
year={2010},
pages={489-498},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002959904890498},
isbn={978-989-8425-18-8},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2010) - SECRYPT
TI - ACCESS CONTROL MODELS FOR BUSINESS PROCESSES
SN - 978-989-8425-18-8
IS - 2184-3236
AU - R. Karimi, V.
AU - D. Cowan, D.
PY - 2010
SP - 489
EP - 498
DO - 10.5220/0002959904890498
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic