Maria Leitner

Learn More
Process-Aware Information Systems (PAIS) enable the definition, execution, and management of business processes. Typically, processes are specified by control flow, data flow, and users or services , authorized to execute process tasks. During process execution, it is often necessary to access sensitive data such as patient or customer information. To(More)
—Flexibility is one of the key challenges for Work-flow Systems nowadays. Typically, a workflow covers the following four aspects which might all be subject to change: control flow, data flow, organizational structures, and application components (services). Existing work in research and practice shows that changes must be applied in a controlled manner in(More)
Context: Security in Process-Aware Information Systems (PAIS) has gained increased attention in current research and practice. However, a common understanding and agreement on security is still missing. In addition, the proliferation of literature makes it cumbersome to overlook and determine state of the art and further to identify research challenges and(More)
Currently, many approaches address the enforcement and monitoring of constraints over business processes. However, main focus has been put on constraint verication for intra-instance process constraints so far, i.e., constraints that aect single instances. Existing approaches addressing instance-spanning constraints only consider certain scenarios. In other(More)
Providing adequate access control is crucial for the proper execution of any Web Service (WS) orchestration. Typically, access rules and authorization constraints are defined for a WS orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies,(More)
—Enabling security is one of the key challenges in adaptive Process-Aware Information Systems (PAIS). Since automating business processes involves many participants, uses private and public data, and communicates with external services security becomes inevitable. In current systems, security is enforced by an access control model and supplementary(More)
—Enhancing existing business process modeling languages with security concepts has attracted increased attention in research and several graphical notations and symbols have been proposed. How these extensions can be comprehended by users has not been evaluated yet. However , the comprehensibility of security concepts integrated within business process(More)
In recent years, business process models are used to dene security properties for the corresponding business information systems. In this context, a number of approaches emerged that integrate security properties into standard process modeling languages. Often, these security properties are depicted as text annotations or graphical extensions. However,(More)
—Quality-of-Service (QoS) aware service selection problems are a crucial issue in both Grids and distributed, service-oriented systems. When several implementations per service exist, one has to be selected for each workflow step. Several heuristics have been proposed, including blackboard and genetic algorithms. Their applicability and performance has(More)