The workflow of a Virtual Organization is often divided into fragments that are run by different entities having different clearance level or accessibility permissions. Therefore, an important issue is a decomposition of the overall business process into workflow views that can be outsourced to the side of the corresponding contractors. In this paper, we introduce the notion of business process security view and present an algorithm for the automatic derivation of such views from a security specification that may express conditional accessibility based on the actual data flowing across business process. Our solution borrows the idea of virtual views from relational database views. We also discuss an architecture and an implementation for workflow view synchronization. Copyright 2008 ACM.
Security views for outsourced business processes
Massacci, Fabio;Rasadka, Natallia
2008-01-01
Abstract
The workflow of a Virtual Organization is often divided into fragments that are run by different entities having different clearance level or accessibility permissions. Therefore, an important issue is a decomposition of the overall business process into workflow views that can be outsourced to the side of the corresponding contractors. In this paper, we introduce the notion of business process security view and present an algorithm for the automatic derivation of such views from a security specification that may express conditional accessibility based on the actual data flowing across business process. Our solution borrows the idea of virtual views from relational database views. We also discuss an architecture and an implementation for workflow view synchronization. Copyright 2008 ACM.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
