User specific privacy policies for collaborative BPaaS on the example of logistics

Today's business is more and more organized in collaborative networks. Although decision makers know the benefits of collaboration, they are afraid of losing control of their data, which is one of the main impediments for Cloud Computing. We propose a novel cloud based approach for collaboration in business processes with guaranteed control of the privacy of the data. The platform ensures the compliance with the companies' privacy policies and laws. The paper shows the definition of privacy policies and how they are converted into a well established access control language. An example helps to clarify the methods.

[1]  David R. Kuhn,et al.  Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .

[2]  Bogdan Franczyk,et al.  Secure service interaction for collaborative business processes in the inter-cloud , 2015, 2015 Federated Conference on Computer Science and Information Systems (FedCSIS).

[3]  Bhavani Thuraisingham Mandatory Access Control , 2009 .

[4]  Antonios Gouglidis,et al.  domRBAC: An access control model for modern collaborative systems , 2012, Comput. Secur..

[5]  Bhavani M. Thuraisingham,et al.  Mandatory Access Control , 2009, Encyclopedia of Database Systems.

[6]  Le Xuan Hung,et al.  An enhancement of the Role-Based Access Control model to facilitate information access management in context of team collaboration and workflow , 2012, J. Biomed. Informatics.

[7]  Yingjiu Li,et al.  Data and Applications Security and Privacy XXV , 2011 .

[8]  Tim Moses,et al.  EXtensible Access Control Markup Language (XACML) version 1 , 2003 .

[9]  D. Richard Kuhn,et al.  Role-Based Access Control ( RBAC ) : Features and Motivations , 2014 .

[10]  John Hale,et al.  Development of a System Framework for Implementation of an Enhanced Role-Based Access Control Model to Support Collaborative Processes , 2012, HealthSec.

[11]  Le Xuan Hung,et al.  Evaluation of an Enhanced Role-Based Access Control model to manage information access in collaborative processes for a statewide clinical education program , 2014, J. Biomed. Informatics.

[12]  D. Richard Kuhn,et al.  Role-Based Access Controls , 2009, ArXiv.

[13]  David F. Ferraiolo,et al.  Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .

[14]  Zahid Iqbal,et al.  Towards Semantic-Enhanced Attribute-Based Access Control for Cloud Services , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[15]  Xin Jin,et al.  A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC , 2012, DBSec.