John C. Mace

Learn More
Workflows capture complex operational processes and include security constraints limiting which users can perform which tasks. An improper security policy may prevent certain tasks being assigned and may force a policy violation. Deciding whether a valid user-task assignment exists for a given policy is known to be extremely complex, especially when(More)
Workflows are complex operational processes that include security constraints restricting which users can perform which tasks. An improper user-task assignment may prevent the completion of the work-flow, and deciding such an assignment at runtime is known to be complex, especially when considering user unavailability (known as the resiliency problem).(More)
This paper explores the need for a collaborative development tool to allow information security experts to capture their interrelated knowledge in an ontology. Such a tool would enable organisations to make more informed security policy decisions around shared security issues. However, population of ontologies can be time-consuming and error-prone, and(More)
Computing a user-task assignment for a workflow coming with probabilistic user availability provides a measure of completion rate or resiliency. To a workflow designer this indicates a risk of failure, especially useful for workflows which cannot be changed due to rigid security constraints. Furthermore, resiliency can help outline a mitigation strategy(More)
  • 1