Staff Profile Pages

Process driven access control and authorization approach

Authors: Kasse, J.P., Xu, L., Devrieze, P. and Bai, Y.

Journal: Advances in Intelligent Systems and Computing

Volume: 1041

Pages: 313-322

eISSN: 2194-5365

ISSN: 2194-5357

DOI: 10.1007/978-981-15-0637-6_26

Abstract:

Compliance to regulatory requirements is key to successful collaborative business process execution. The review of the EU General Data Protection Regulation (GDPR) brought to the fore the need to comply with data privacy. Access control and authorization mechanisms in workflow management systems based on roles, tasks, and attributes do not sufficiently address the current complex and dynamic privacy requirements in collaborative business process environments due to diverse policies. This paper proposes process driven authorization as an alternative approach to data access control and authorization where access is granted based on a legitimate need to accomplish a task in the business process. Due to vast sources of regulations, a mechanism to derive and validate a composite set of constraints free of conflicts and contradictions is presented. An extended workflow tree language is also presented to support constraint modeling. An industry case pick and pack process is used for illustration.

https://eprints.bournemouth.ac.uk/31835/

Source: Scopus

Process Driven Access Control and Authorisation Approach

Authors: Kasse, J., Xu, L., De Vrieze, P. and Bai, Y.

Conference: International Congress on Information and Communication Technology 2019

Dates: 25-26 February 2019

Journal: Springer Advances in Intelligent Systems and Computing

Publisher: Springer

Abstract:

Compliance to regulatory requirements is key to successful collaborative business process execution. The review the EU general data protection regulation (GDPR) brought to the fore the need to comply with data privacy. Access control and authorization mechanisms in workflow management systems based on roles, tasks and attributes do not sufficiently address the current complex and dynamic privacy requirements in collaborative business process environments due to diverse policies. This paper proposes process driven authorization as an alternative approach to data access control and authorization where access is granted based on legitimate need to accomplish a task in the business process. Due to vast sources of regulations, a mechanism to derive and validate a composite set of constraints free of conflicts and contradictions is presented. An extended workflow tree language is also presented to support constraint modeling. An industry case Pick and Pack process is used for illustration.

https://eprints.bournemouth.ac.uk/31835/

Source: Manual

Process Driven Access Control and Authorisation Approach

Authors: Xu, L., de Vrieze, P.T. and Bai, Y.

Conference: International Congress on Information and Communication Technology 2019

Publisher: Springer

Abstract:

Compliance to regulatory requirements is key to successful collaborative business process execution. The review the EU general data protection regulation (GDPR) brought to the fore the need to comply with data privacy. Access control and authorization mechanisms in workflow management systems based on roles, tasks and attributes do not sufficiently address the current complex and dynamic privacy requirements in collaborative business process environments due to diverse policies. This paper proposes process driven authorization as an alternative approach to data access control and authorization where access is granted based on legitimate need to accomplish a task in the business process. Due to vast sources of regulations, a mechanism to derive and validate a composite set of constraints free of conflicts and contradictions is presented. An extended workflow tree language is also presented to support constraint modeling. An industry case Pick and Pack process is used for illustration.

https://eprints.bournemouth.ac.uk/31835/

http://www.icict.co.uk/index.php

Source: BURO EPrints