2001
DOI: 10.1147/sj.403.0666

Separation of duties for access control enforcement in workflow environments

Cited by 146 publications
(82 citation statements)
References 22 publications
“…An example is the common practice to separate the "controller" role and the "chief buyer" role in medium-sized and large companies. In this context, a task-based SOD constraint is a constraint that considers task order and task history in a particular process instance to decide if a certain subject or role is allowed to perform a certain task [3,17,19]. Task-based SOD constraints can be static or dynamic.…”
Section: Mutual Exclusion and Binding Constraints (mentioning)
confidence: 99%
“…In the context of business process management, mutual exclusion and binding constraints are an important means to assist the specification of business processes and to control the execution of workflows. In particular, they are used to enforce process-related separation of duty (SOD) and binding of duty (BOD) policies with respect to a corresponding role-based access control (RBAC) model (see, e.g., [1,3,4,17,18]). A number of approaches exist that allow for the formal specification and analysis of process-related access control policies and constraints (see, e.g., [2,8,17]).…”
Section: Introduction (mentioning)
confidence: 99%
“…Uncontrolled changes of an org. model, for example, may violate semantical constraints like separation of duty (SoD) or mutual exclusion [27,28,46,47]. Among other things, this may result in security gaps.…”
Section: Discussion (mentioning)
confidence: 99%
“…Specification of rules that account for all possible executable workflows originating from a service composition may be tiresome and error-prone. Definition of separation of duties for task execution [4,13] may also help the user to avoid services to access conflicting data. Still, such solutions usually require that roles are well-defined among workflow participants and this is not always possible in open environments.…”
Section: Related Work (mentioning)
confidence: 99%
“…Some solutions assume environments under a single administrative domain and propose mechanisms for specification of separation of duties in control flows [4,13], while others enable specification of access control constraints on the data flow [6]. Pervasive computing environments, however, are more dynamic and hardly ever the exact user-defined workflow can be constructed with available services.…”
Section: Introduction (mentioning)
confidence: 99%