论文信息 - Idea to derive security policies from collaborative business processes

Idea to derive security policies from collaborative business processes

Collaborative business processes often consist of services provided by multiple business entities which agree to join a business collaboration. To enable trustworthy and secure consumption and provisioning of services across organizational boundaries, security requirements must be carefully defined so as to be coherent, consistent, and in compliance with designed business processes. However, managing security requirements in collaborative environments is error-prone, effort inefficient, and hard to be verified. This paper introduces our ongoing research effort for developing algorithms and methods to derive security policies from formally defined business process models. The derived policies serve as templates which can be later on complemented with concrete business entity data and finally turned into deployable policies.

Ji Hu

[1] T. D. Fletcher,et al. Web Services Choreography Description Language Version 1.0, W3C , 2004 .

[2] Yaron Goland,et al. Web Services Business Process Execution Language , 2009, Encyclopedia of Database Systems.

[3] Mike P. Papazoglou,et al. A Survey of Web service technologies , 2004 .

[4] B. Thurm,et al. Automated Creation and Realization of Security Federation for Cross-Organizational Business Processes , 2008, 2008 IEEE Symposium on Advanced Management of Information for Globalized Enterprises (AMIGE).

[5] Ramesh Nagappan,et al. Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management , 2005 .

[6] Francisco Curbera,et al. Web Services Business Process Execution Language Version 2.0 , 2007 .