pdfreaders.org

SecureBPMN: Modeling and Enforcing Access Control Requirements in Business Processes

by Achim D. Brucker, Isabelle Hang, Gero Lückemeyer, and Raj Ruparel

Cover for brucker.ea:securebpmn:2012.Modern enterprise systems have to comply to regulations such as Basel III resulting in complex security requirements. These requirements need to be modeled at design-time and enforced at runtime. Moreover, modern enterprise systems are often business-process driven, i. e., the system behavior is described as high-level business processes that are executed by a business process execution engine.

Consequently, there is a need for an integrated and tool-supported methodology that allows for specifying and enforcing compliance and security requirements for business process-driven enterprise systems.

In this paper, we present a tool chain supporting both the design-time modeling as well as the run-time enforcement of security requirements for business process-driven systems.

Keywords:
Categories: , ,
Documents: (full text as PDF file)

QR Code for brucker.ea:securebpmn:2012.Please cite this article as follows:
Achim D. Brucker, Isabelle Hang, Gero Lückemeyer, and Raj Ruparel. SecureBPMN: Modeling and Enforcing Access Control Requirements in Business Processes. In ACM symposium on access control models and technologies (SACMAT). , pages 123-126, ACM Press, 2012.
(full text as PDF file) (BibTeX) (Endnote) (RIS) (Word) (doi:10.1145/2295136.2295160) (ACM) (Share article on LinkedIn. Share article on CiteULike. )

BibTeX
@InProceedings{ brucker.ea:securebpmn:2012,
abstract = {Modern enterprise systems have to comply to regulations such as Basel III resulting in complex security requirements. These requirements need to be modeled at design-time and enforced at runtime. Moreover, modern enterprise systems are often business-process driven, i. e., the system behavior is described as high-level business processes that are executed by a business process execution engine.\\\\Consequently, there is a need for an integrated and tool-supported methodology that allows for specifying and enforcing compliance and security requirements for business process-driven enterprise systems.\\\\In this paper, we present a tool chain supporting both the design-time modeling as well as the run-time enforcement of security requirements for business process-driven systems.},
address = {New York, NY, USA},
author = {Achim D. Brucker and Isabelle Hang and Gero L{\"u}ckemeyer and Raj Ruparel},
booktitle = {ACM symposium on access control models and technologies (SACMAT)},
copyright = {ACM},
doi = {10.1145/2295136.2295160},
isbn = {978-1-4503-1295-0},
language = {USenglish},
location = {Newark, USA},
mycopyrighturl = {http://dl.acm.org/authorize?6705782},
pages = {123--126},
pdf = {https://www.brucker.ch/bibliography/download/2012/brucker.ea-securebpmn-2012.pdf},
publisher = {ACM Press},
title = {{SecureBPMN}: Modeling and Enforcing Access Control Requirements in Business Processes},
url = {https://www.brucker.ch/bibliography/abstract/brucker.ea-securebpmn-2012},
year = {2012},
}