Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context

Schefer, Sigrid; Strembeck, Mark

doi:10.1007/978-3-642-22056-2_67

Cited by 6 publications

(8 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, this extension does not have any particular connection to process diagrams. In addition, several approaches exist to integrate various security aspects, such as role-based access control concepts [31,32,33] or data integrity and data confidentiality [25] into UML Activity diagrams. However, in contrast to the approach presented in this paper, all other security visualizations only represent presentation options.…”

Section: Discussionmentioning

confidence: 99%

An Experimental Study on the Design and Modeling of Security Concepts in Business Processes

Leitner¹,

Schefer-Wenzl²,

Rinderle-Ma³

et al. 2013

Lecture Notes in Business Information Processing

Self Cite

View full text Add to dashboard Cite

Abstract. In recent years, business process models are used to define security properties for the corresponding business information systems. In this context, a number of approaches emerged that integrate security properties into standard process modeling languages. Often, these security properties are depicted as text annotations or graphical extensions. However, because the symbols of process-related security properties are not standardized, different issues concerning the comprehensibility and maintenance of the respective models arise. In this paper, we present the initial results of an experimental study on the design and modeling of 11 security concepts in a business process context. In particular, we center on the semantic transparency of the visual symbols that are intended to represent the different concepts (i.e. the one-to-one correspondence between the symbol and its meaning). Our evaluation showed that various symbols exist which are well-perceived. However, further studies are necessary to dissolve a number of remaining issues.

show abstract

Section: Discussionmentioning

confidence: 99%

An Experimental Study on the Design and Modeling of Security Concepts in Business Processes

Leitner¹,

Schefer-Wenzl²,

Rinderle-Ma³

et al. 2013

Lecture Notes in Business Information Processing

Self Cite

View full text Add to dashboard Cite

show abstract

“…Our integrated modeling approach for delegation policies and corresponding processes acts as an enabler to document and communicate more efficiently which delegation aspects need to be considered when executing a certain process. To achieve this, we consolidate and extend our previous publications from Schefer and Strembeck (2011b) and Schefer-Wenzl et al (2012): Our approach is based on a metamodel which formally integrates the core elements of process models and delegation models for roles, tasks, and duties (see Fig. 2).…”

Section: Introductionmentioning

confidence: 94%

Modeling Support for Role-Based Delegation in Process-Aware Information Systems

Schefer-Wenzl

Strembeck²

2014

Bus Inf Syst Eng

Self Cite

View full text Add to dashboard Cite

The paper presents an integrated approach for the modeling and enforcement of delegation policies in process-aware information systems. Based on a generic formal metamodel, the detection of delegation-related conflicts is discussed and a set of pre-defined resolution strategies for these conflicts is provided. Moreover, a corresponding UML extension, a prototypical proof of concept implementation, and a case study with real-world business processes is provided.

show abstract

“…A SOD constraint defines that two permissions/tasks must not be assigned to (or activated/performed by) the same subject, while a BOD constraint defines that two bound permissions/tasks need to be assigned to the same subject or role. Furthermore, some approaches offer modeling support to visualize the respective concepts, some approaches (also) provide corresponding tool support for enforcing delegation or break-glass policies (see, e.g., [37,38,42]). This variety presents a challenge for researchers working in this field or wishing to quickly grasp the state of research.…”

Section: Development Of the Research Areamentioning

confidence: 99%

“…In [37,40], an approach to model the delegation of roles, tasks, and duties in UML Activity diagrams is introduced. In addition, algorithms are introduced to systematically check for conflicts before delegating tasks, duties, and roles in a business process context at design-and runtime.…”

Section: Comparison Of Delegation Approachesmentioning

confidence: 99%

A Review of Delegation and Break-Glass Models for Flexible Access Control Management

Schefer-Wenzl

Bukvova²,

Strembeck³

2014

Business Information Systems Workshops

Self Cite

View full text Add to dashboard Cite

Abstract. Access control models provide an important means for the systematic specification and management of the permissions in a business information system. While a number of well-known access control models exists (such as the role-based access control model, for example), standard access control models are often not suited for handling exceptional situations. In this context, the demand to increase the flexibility of access management has especially been approached via the development of delegation models and break-glass models. This paper presents the results of a literature review for 329 delegation and break-glass approaches. We give an overview on the existing body of scientific literature in these two areas and compare 35 selected approaches in detail. In our literature review, we revealed different ways of providing delegation and break-glass concepts in general as well as in the context of business process management. Moreover, we identified different sub-topics that have not yet been addressed in detail and thus provide opportunities for future research.

show abstract

Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context

Cited by 6 publications

References 17 publications

An Experimental Study on the Design and Modeling of Security Concepts in Business Processes

An Experimental Study on the Design and Modeling of Security Concepts in Business Processes

Modeling Support for Role-Based Delegation in Process-Aware Information Systems

A Review of Delegation and Break-Glass Models for Flexible Access Control Management

Contact Info

Product

Resources

About