Deriving XACML Policies from Business Process Models

Christian Wolter, Andreas Schaad and Christoph Meinel

View Related Documents

Book Chapter
Modeling of Task-Based Authorization Constraints in BPMN
Christian Wolter and Andreas Schaad
Lecture Notes in Computer Science, 2007, Volume 4714, Business Process Management, Pages 64-79
- Download PDF (1.0 MB)
Journal Article
Role-Based Access Control in a Data Grid Using the Storage Resource Broker and Shibboleth
Vineela Muppavarapu and Soon M. Chung
Journal of Grid Computing, 2009, Volume 7, Number 2, Pages 265-283
- Download PDF (409.9 KB)
Book Chapter
Securing Workflows with XACML, RDF and BPEL
Vijayant Dhankhar, Saket Kaushik and Duminda Wijesekera
Lecture Notes in Computer Science, 2008, Volume 5094, Data and Applications Security XXII, Pages 330-345
- Download PDF (271.2 KB)
Book Chapter
Access Control for Business Processes
Elisa Bertino, Lorenzo D. Martino, Federica Paci and Anna C. Squicciarini
2010, Security for Web Services and Service-Oriented Architectures, Pages 159-177
- Download PDF (572.2 KB)
Book Chapter
A Semantic-Aware Attribute-Based Access Control Model for Web Services
Haibo Shen
Lecture Notes in Computer Science, 2009, Volume 5574, Algorithms and Architectures for Parallel Processing, Pages 693-703
- Download PDF (213.8 KB)
Book Chapter
Formal Specification and Automatic Analysis of Business Processes under Authorization Constraints: An Action-Based Approach
Alessandro Armando, Enrico Giunchiglia and Serena Elisa Ponta
Lecture Notes in Computer Science, 2009, Volume 5695, Trust, Privacy and Security in Digital Business, Pages 63-72
- Download PDF (182.5 KB)
Book Chapter
Defining and Measuring Policy Coverage in Testing Access Control Policies
Evan Martin, Tao Xie and Ting Yu
Lecture Notes in Computer Science, 2006, Volume 4307, Information and Communications Security, Pages 139-158
- Download PDF (391.7 KB)
Book Chapter
Using Microsoft Office InfoPath to Generate XACML Policies
Manuel Sanchez, Gabriel Lopez, Antonio F. Gomez-Skarmeta and Oscar Canovas
Communications in Computer and Information Science, 1, Volume 9, E-Business and Telecommunication Networks, II, Pages 134-145
- Download PDF (1.9 MB)
Book Chapter
Verification of Business Process Entailment Constraints Using SPIN
Christian Wolter, Philip Miseldine and Christoph Meinel
Lecture Notes in Computer Science, 2009, Volume 5429, Engineering Secure Software and Systems, Pages 1-15
- Download PDF (661.7 KB)
Book Chapter
Specifying and Composing Concerns Expressed in Domain-Specific Modeling Languages
Aram Hovsepyan, Stefan Van Baelen, Yolande Berbers and Wouter Joosen
Lecture Notes in Business Information Processing, 1, Volume 33, Objects, Components, Models and Patterns, Part 3, Pages 116-135
- Download PDF (842.5 KB)

Abstract

The Business Process Modeling Notation (BPMN) has become a defacto standard for describing processes in an accessible graphical notation. The eXtensible Access Control Markup Language (XACML) is an OASIS standard to specify and enforce platform independent access control policies.

In this paper we define a mapping between the BPMN and XACML meta-models to provide a model-driven extraction of security policies from a business process model. Specific types of organisational control and compliance policies that can be expressed in a graphical fashion at the business process modeling level can now be transformed into the corresponding task authorizations and access control policies for process-aware information systems.

As a proof of concept, we extract XACML access control policies from a security augmented banking domain business process. We present an XSLT converter that transforms modeled security constraints into XACML policies that can be deployed and enforced in a policy enforcement and decision environment. We discuss the benefits of our modeling approach and outline how XACML can support task-based compliance in business processes.

Keywords Policy Definition - Integration - Enforcement - Separation of Duties Business Process Modeling - eXtensible Access Control Markup Language

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Deriving XACML Policies from Business Process Models

View Related Documents

Abstract

Fulltext Preview