Controlling Usage in Business Process Workflows through Fine-Grained Security Policies

Conference Paper

Publication Date:

2008

abstract:

We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in a distributed map processing scenario such that the policies constrain service interactions in the workflow according to the security requirements of each entity participating in the workflow.

Iris type:

04.01 Contributo in Atti di convegno

Keywords:

Business Processes; Fine-grained Security Policies; Workflow Monitoring

List of contributors:

Matteucci, Ilaria; Martinelli, Fabio; Mori, Paolo

Authors of the University:

MARTINELLI FABIO

MATTEUCCI ILARIA

MORI PAOLO

Handle:

https://iris.cnr.it/handle/20.500.14243/75912

Book title:

Trust, Privacy and Security in Digital Business, 5th International Conference, TrustBus 2008, Turin, Italy, September 4-5, 2008, Proceedings

Overview

URL

http://link.springer.com/chapter/10.1007%2F978-3-540-85735-8_11

Controlling Usage in Business Process Workflows through Fine-Grained Security Policies

Matteucci, Ilaria; Martinelli, Fabio; Mori, Paolo

Overview

URL