Introducing Security Access Control Policies into Legacy Business Processes

Introducing Security Access Control Policies into Legacy Business Processes

Applying separation of concerns approaches into business process context generally results in several initiatives oriented to automatic generation of aspect code, generation of specific code according to the kind of concern (code for mapping roles and permissions derived from RBAC model for example)...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Giraldo, F. D., Blay-Fornarino, M., Mosser, S.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Authentication
Business
Business Processes
Process control
Security Standards
Separation of Concerns
Service-oriented Architecture
Software
Unified modeling language
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 49
container_issue
container_start_page 42
container_title
container_volume
creator Giraldo, F. D.
Blay-Fornarino, M.
Mosser, S.
description Applying separation of concerns approaches into business process context generally results in several initiatives oriented to automatic generation of aspect code, generation of specific code according to the kind of concern (code for mapping roles and permissions derived from RBAC model for example), or proposition of new mechanisms as dedicated aspectual languages. Most of these initiatives only consider functional behaviours of business process, omitting special behaviours derived from quality attributes such as security, which can be modelled as concerns that must be supported in the business process. In this paper we propose the integration of cross-cuttings standardized control access policies (based on RBAC model and Oasis XACML) into legacy business processes, using a separation of concerns approach.
doi_str_mv 10.1109/EDOCW.2011.11
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_6037600</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6037600</ieee_id><sourcerecordid>6037600</sourcerecordid><originalsourceid>FETCH-LOGICAL-i214t-b14ed9a2f50a03aabc7aeac44675c646b059e74e1d44657f19488eb3c00473d63</originalsourceid><addsrcrecordid>eNo1jM1OwzAQhM2fRCk5cuLiF0hZx_Y6PpZQoCJSKwHiWDnOtjIqCYqTQ96eVsBcRjPfaBi7ETATAuzd4mFVfMwyEOKQT1hiTQ4GrVYqQ3PKJpnMdIoI-oxdCaWNgRxtfv4PdC4vWRLjJxyEaKWCCXtZNn3X1oMPzY6_kh-60I987j3FyIv2CPd83e6DDxR5aPqWl7RzfuT3QwzNcbXu2uOa4jW72Lp9pOTPp-z9cfFWPKfl6mlZzMs0ZEL1aSUU1dZlWw0OpHOVN46cVwqN9qiwAm3JKBL1odJmK6zKc6qkB1BG1iin7Pb3NxDR5rsLX64bNwjSIID8AWrYUZk</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Introducing Security Access Control Policies into Legacy Business Processes</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Giraldo, F. D. ; Blay-Fornarino, M. ; Mosser, S.</creator><creatorcontrib>Giraldo, F. D. ; Blay-Fornarino, M. ; Mosser, S.</creatorcontrib><description>Applying separation of concerns approaches into business process context generally results in several initiatives oriented to automatic generation of aspect code, generation of specific code according to the kind of concern (code for mapping roles and permissions derived from RBAC model for example), or proposition of new mechanisms as dedicated aspectual languages. Most of these initiatives only consider functional behaviours of business process, omitting special behaviours derived from quality attributes such as security, which can be modelled as concerns that must be supported in the business process. In this paper we propose the integration of cross-cuttings standardized control access policies (based on RBAC model and Oasis XACML) into legacy business processes, using a separation of concerns approach.</description><identifier>ISSN: 2325-6583</identifier><identifier>ISBN: 1457708698</identifier><identifier>ISBN: 9781457708695</identifier><identifier>EISSN: 2325-6605</identifier><identifier>EISBN: 9780769544267</identifier><identifier>EISBN: 0769544266</identifier><identifier>DOI: 10.1109/EDOCW.2011.11</identifier><language>eng</language><publisher>IEEE</publisher><subject>Access control ; Authentication ; Business ; Business Processes ; Process control ; Security Standards ; Separation of Concerns ; Service-oriented Architecture ; Software ; Unified modeling language</subject><ispartof>2011 IEEE 15th International Enterprise Distributed Object Computing Conference Workshops, 2011, p.42-49</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6037600$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>310,311,782,786,791,792,2062,27934,54929</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6037600$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Giraldo, F. D.</creatorcontrib><creatorcontrib>Blay-Fornarino, M.</creatorcontrib><creatorcontrib>Mosser, S.</creatorcontrib><title>Introducing Security Access Control Policies into Legacy Business Processes</title><title>2011 IEEE 15th International Enterprise Distributed Object Computing Conference Workshops</title><addtitle>edocw</addtitle><description>Applying separation of concerns approaches into business process context generally results in several initiatives oriented to automatic generation of aspect code, generation of specific code according to the kind of concern (code for mapping roles and permissions derived from RBAC model for example), or proposition of new mechanisms as dedicated aspectual languages. Most of these initiatives only consider functional behaviours of business process, omitting special behaviours derived from quality attributes such as security, which can be modelled as concerns that must be supported in the business process. In this paper we propose the integration of cross-cuttings standardized control access policies (based on RBAC model and Oasis XACML) into legacy business processes, using a separation of concerns approach.</description><subject>Access control</subject><subject>Authentication</subject><subject>Business</subject><subject>Business Processes</subject><subject>Process control</subject><subject>Security Standards</subject><subject>Separation of Concerns</subject><subject>Service-oriented Architecture</subject><subject>Software</subject><subject>Unified modeling language</subject><issn>2325-6583</issn><issn>2325-6605</issn><isbn>1457708698</isbn><isbn>9781457708695</isbn><isbn>9780769544267</isbn><isbn>0769544266</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2011</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNo1jM1OwzAQhM2fRCk5cuLiF0hZx_Y6PpZQoCJSKwHiWDnOtjIqCYqTQ96eVsBcRjPfaBi7ETATAuzd4mFVfMwyEOKQT1hiTQ4GrVYqQ3PKJpnMdIoI-oxdCaWNgRxtfv4PdC4vWRLjJxyEaKWCCXtZNn3X1oMPzY6_kh-60I987j3FyIv2CPd83e6DDxR5aPqWl7RzfuT3QwzNcbXu2uOa4jW72Lp9pOTPp-z9cfFWPKfl6mlZzMs0ZEL1aSUU1dZlWw0OpHOVN46cVwqN9qiwAm3JKBL1odJmK6zKc6qkB1BG1iin7Pb3NxDR5rsLX64bNwjSIID8AWrYUZk</recordid><startdate>201108</startdate><enddate>201108</enddate><creator>Giraldo, F. D.</creator><creator>Blay-Fornarino, M.</creator><creator>Mosser, S.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201108</creationdate><title>Introducing Security Access Control Policies into Legacy Business Processes</title><author>Giraldo, F. D. ; Blay-Fornarino, M. ; Mosser, S.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i214t-b14ed9a2f50a03aabc7aeac44675c646b059e74e1d44657f19488eb3c00473d63</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Access control</topic><topic>Authentication</topic><topic>Business</topic><topic>Business Processes</topic><topic>Process control</topic><topic>Security Standards</topic><topic>Separation of Concerns</topic><topic>Service-oriented Architecture</topic><topic>Software</topic><topic>Unified modeling language</topic><toplevel>online_resources</toplevel><creatorcontrib>Giraldo, F. D.</creatorcontrib><creatorcontrib>Blay-Fornarino, M.</creatorcontrib><creatorcontrib>Mosser, S.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library Online</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Giraldo, F. D.</au><au>Blay-Fornarino, M.</au><au>Mosser, S.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Introducing Security Access Control Policies into Legacy Business Processes</atitle><btitle>2011 IEEE 15th International Enterprise Distributed Object Computing Conference Workshops</btitle><stitle>edocw</stitle><date>2011-08</date><risdate>2011</risdate><spage>42</spage><epage>49</epage><pages>42-49</pages><issn>2325-6583</issn><eissn>2325-6605</eissn><isbn>1457708698</isbn><isbn>9781457708695</isbn><eisbn>9780769544267</eisbn><eisbn>0769544266</eisbn><abstract>Applying separation of concerns approaches into business process context generally results in several initiatives oriented to automatic generation of aspect code, generation of specific code according to the kind of concern (code for mapping roles and permissions derived from RBAC model for example), or proposition of new mechanisms as dedicated aspectual languages. Most of these initiatives only consider functional behaviours of business process, omitting special behaviours derived from quality attributes such as security, which can be modelled as concerns that must be supported in the business process. In this paper we propose the integration of cross-cuttings standardized control access policies (based on RBAC model and Oasis XACML) into legacy business processes, using a separation of concerns approach.</abstract><pub>IEEE</pub><doi>10.1109/EDOCW.2011.11</doi><tpages>8</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 2325-6583
ispartof 2011 IEEE 15th International Enterprise Distributed Object Computing Conference Workshops, 2011, p.42-49
issn 2325-6583
2325-6605
language eng
recordid cdi_ieee_primary_6037600
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Access control
Authentication
Business
Business Processes
Process control
Security Standards
Separation of Concerns
Service-oriented Architecture
Software
Unified modeling language
title Introducing Security Access Control Policies into Legacy Business Processes
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-03T14%3A53%3A24IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Introducing%20Security%20Access%20Control%20Policies%20into%20Legacy%20Business%20Processes&rft.btitle=2011%20IEEE%2015th%20International%20Enterprise%20Distributed%20Object%20Computing%20Conference%20Workshops&rft.au=Giraldo,%20F.%20D.&rft.date=2011-08&rft.spage=42&rft.epage=49&rft.pages=42-49&rft.issn=2325-6583&rft.eissn=2325-6605&rft.isbn=1457708698&rft.isbn_list=9781457708695&rft_id=info:doi/10.1109/EDOCW.2011.11&rft_dat=%3Cieee_6IE%3E6037600%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=9780769544267&rft.eisbn_list=0769544266&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6037600&rfr_iscdi=true