Automated synthesis of run-time monitors to enforce authorization policies in business processes / Bertolissi, C.; Dos Santos, D. R.; Ranise, S. - (2015), pp. 297-308. (Paper presented at the 10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015, held in sgp in 2015) [10.1145/2714576.2714633].

Automated synthesis of run-time monitors to enforce authorization policies in business processes

Ranise S.
2015-01-01

Abstract

Run-time monitors are crucial to the development of security-aware Workflow management systems, which need to mediate access to their resources by enforcing authorization policies and constraints, such as Separation of Duty. In this paper, we introduce a precise technique to synthesize run-time monitors capable of ensuring the successful termination of Workflows while enforcing authorization policies and constraints. An extensive experimental evaluation shows the scalability of our technique on the important class of hierarchically specified security-sensitive Workflows with several hundreds of tasks.
2015
ASIACCS 2015 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security
United States
Association for Computing Machinery
9781450332453
Bertolissi, C.; Dos Santos, D. R.; Ranise, S.

Use this identifier to cite or link to this document: https://hdl.handle.net/11572/333106
Citations
  • Scopus 17