We introduce a new class of analysis problems, called Scenario Finding Problems (SFPs), for security-sensitive business processes that - besides execution constraints on tasks - define access control policies (constraining which users can execute which tasks) and authorization constraints (such as Separation of Duty). The solutions to SFPs are concrete execution scenarios that assist customers in the reuse and deployment of security-sensitive workflows. We study the relationship of SFPs to well-known properties of security-sensitive processes such as Workflow Satisfiability and Resiliency together with their complexity. Finally, we present a symbolic approach to solving SFPs and describe our experience with a prototype implementation on real-world business process models taken from an on-line library.

Automatically finding execution scenarios to deploy security-sensitive workflows / Dos Santos, D. R.; Ranise, S.; Compagna, L.; Ponta, S. E.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 25:3(2017), pp. 255-282. [10.3233/JCS-16894]

Automatically finding execution scenarios to deploy security-sensitive workflows

Ranise S.;
2017-01-01

Abstract

We introduce a new class of analysis problems, called Scenario Finding Problems (SFPs), for security-sensitive business processes that - besides execution constraints on tasks - define access control policies (constraining which users can execute which tasks) and authorization constraints (such as Separation of Duty). The solutions to SFPs are concrete execution scenarios that assist customers in the reuse and deployment of security-sensitive workflows. We study the relationship of SFPs to well-known properties of security-sensitive processes such as Workflow Satisfiability and Resiliency together with their complexity. Finally, we present a symbolic approach to solving SFPs and describe our experience with a prototype implementation on real-world business process models taken from an on-line library.
2017
3
Dos Santos, D. R.; Ranise, S.; Compagna, L.; Ponta, S. E.
Automatically finding execution scenarios to deploy security-sensitive workflows / Dos Santos, D. R.; Ranise, S.; Compagna, L.; Ponta, S. E.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 25:3(2017), pp. 255-282. [10.3233/JCS-16894]
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333312
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? 4
social impact