Identity business processes
@article{Mller2014IdentityBP, title={Identity business processes}, author={Jens M{\"u}ller and Klemens B{\"o}hm}, journal={Int. J. Trust. Manag. Comput. Commun.}, year={2014}, volume={2}, pages={40-77} }
To facilitate information-system security, e.g., access control or audit, the entities involved play a key role. This makes identity management an important task. The success of service-oriented architectures (SOA) has led to the development of federated identity management (FIM), to deal with the dynamic nature of SOA and to achieve economies of scale. Business processes in SOA are a composition of services provided by IT systems and manual actions performed by humans. Such compositions…
One Citation
Security Mechanisms for Workflows in Service-Oriented Architectures
- Computer Science
- 2015
An architecture for the secure execution of workflows and the integration with identity management systems is developed, which enables new applications with improved security and privacy.
References
SHOWING 1-10 OF 25 REFERENCES
The Architecture of a Secure Business-Process-Management System in Service-Oriented Environments
- Computer Science
- 2011 IEEE Ninth European Conference on Web Services
- 2011
The core contribution of this paper is to propose how to extend the WfMC reference architecture for BPMS to accomplish this, and the resulting architecture is generic and integrates with existing SOA technologies like federated identity management.
Security Requirements Specification in Service-Oriented Business Process Management
- Computer Science
- 2009 International Conference on Availability, Reliability and Security
- 2009
This paper introduces security elements for business process modelling which allow evaluating the trustworthiness of participants based on a rating of enterprise assets and expressing security intentions such as confidentiality or integrity on an abstract level.
An integrated approach for identity and access management in a SOA context
- Computer Science
- SACMAT '11
- 2011
An approach for identity and access management (IAM) in the context of (cross-organizational) service-oriented architectures (SOA) that enables (non-technical) domain experts to participate in defining and maintaining IAM policies in a SOA context is presented.
Identity Attribute-Based Role Provisioning for Human WS-BPEL Processes
- Computer Science
- 2009 IEEE International Conference on Web Services
- 2009
RBAC-WS-BPEL is extended with an identity attribute-based role provisioning approach that preserves the privacy of the users who claim the execution of human activities and uses Pedersen commitments, aggregated zero knowledge proof of knowledge, and Oblivious Commitment-Based Envelope protocols to achieve privacy of user identity information.
Attributed based access control (ABAC) for Web services
- Computer Science
- IEEE International Conference on Web Services (ICWS'05)
- 2005
The paper describes the ABAC model in terms of its authorization architecture and policy formulation, and makes a detailed comparison between ABAC and traditional role-based models, which clearly shows the advantages of ABAC.
A BPMN Extension for the Modeling of Security Requirements in Business Processes
- Computer Science
- IEICE Trans. Inf. Syst.
- 2007
The Business Process Modeling Notation extension for modeling secure business process through Business Process Diagrams is summarized and an approach to a typical health-care business process is applied.
Security for Web Services and Service-Oriented Architectures
- Computer Science
- 2009
Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA, covering in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation.
The consistency of task-based authorization constraints in workflow
- Computer Science
- Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004.
- 2004
A model for constrained workflow systems that includes local and global cardinality constraints, separation of duty constraints and binding of duty constraints is defined, and the notion of a workflow specification and of a constrained workflow authorization schema are defined.
Multi-session Separation of Duties (MSoD) for RBAC
- Computer Science
- 2007 IEEE 23rd International Conference on Data Engineering Workshop
- 2007
This paper proposes multi-session SoD policies for business processes which include multiple tasks enacted by multiple users over many user access control sessions, and explores the means to define MSoD policies in RBAC via multi-session mutually exclusive roles (MMER) and multi-session mutually exclusive privileges (MMEP).
Access Control and Authorization Constraints for WS-BPEL
- Computer Science
- 2006 IEEE International Conference on Web Services (ICWS'06)
- 2006
The RBAC-WS-BPEL and BPCL languages are developed, which provide for the specification of authorization information associated with a business process specified in WS-BPEL, while BPCL provides for the articulation of authorization constraints.