Modeling process-related RBAC models with extended UML activity models
暂无分享,去创建一个
[1] Mark Strembeck,et al. A scenario-driven role engineering process for functional RBAC roles , 2002, SACMAT '02.
[2] Uwe Zdun,et al. Some Patterns of Component and Language Integration , 2004, EuroPLoP.
[3] Roshan K. Thomas,et al. Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments , 1997, RBAC '97.
[4] Gail-Joon Ahn,et al. Role-based authorization constraints specification using Object Constraint Language , 2001, Proceedings Tenth IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises. WET ICE 2001.
[5] Antti Valmari,et al. The State Explosion Problem , 1996, Petri Nets.
[6] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.
[7] Luciano Lavagno,et al. Deriving Petri Nets for Finite Transition Systems , 1998, IEEE Trans. Computers.
[8] 日本規格協会. 情報技術-セキュリティ技術-情報セキュリティマネジメントシステム-要求事項 : 国際規格ISO/IEC 27001 = Information technology-Security techniques-Information security management systems-Requirements : ISO/IEC 27001 , 2005 .
[9] Wil M. P. van der Aalst,et al. Workflow Resource Patterns: Identification, Representation and Tool Support , 2005, CAiSE.
[10] Tadao Murata,et al. Petri nets: Properties, analysis and applications , 1989, Proc. IEEE.
[11] Tom Mens,et al. A Taxonomy of Model Transformation , 2006, GRaMoT@GPCE.
[12] Mark Strembeck. Conflict checking of separation of duty constraints in RBAC - implementation experiences , 2004, IASTED Conf. on Software Engineering.
[13] Elisa Bertino,et al. The specification and enforcement of authorization constraints in workflow management systems , 1999, TSEC.
[14] Jörg Becker,et al. Guidelines of Business Process Modeling , 2000, Business Process Management.
[15] Marianne M. Swanson,et al. Recommended Security Controls for Federal Information Systems , 2005 .
[16] Wil M.P. van der Aalst,et al. YAWL: yet another workflow language , 2005, Inf. Syst..
[17] R. Sandhu,et al. Access control: principles and practice , 1994, IEEE Commun. Mag..
[18] Volker Gruhn,et al. Model-Driven Software Development , 2005 .
[19] Mario Piattini,et al. A BPMN Extension for the Modeling of Security Requirements in Business Processes , 2007, IEICE Trans. Inf. Syst..
[20] Beate List,et al. An evaluation of conceptual business process modelling languages , 2006, SAC.
[21] Torsten Fink,et al. An MDA approach to Access Control Specifications Using MOF and UML Profiles , 2004, VODCA@FOSAD.
[22] Wil M. P. van der Aalst,et al. On the suitability of UML 2.0 activity diagrams for business process modelling , 2006, APCCM.
[23] Mark Strembeck,et al. An approach for the systematic development of domain-specific languages , 2009 .
[24] C. A. Petri. Fundamentals of a Theory of Asynchronous Information Flow , 1962, IFIP Congress.
[25] Shane Sendall,et al. Model Transformation: The Heart and Soul of Model-Driven Software Development , 2003, IEEE Softw..
[26] Ekkart Kindler,et al. On the semantics of EPCs: Resolving the vicious circle , 2006, Data Knowl. Eng..
[27] David A. Carrington,et al. An MDA Approach Towards Integrating Formal and Informal Modeling Languages , 2005, FM.
[28] Heinz Roland Weistroffer,et al. A Framework for Integrating Sarbanes-Oxley Compliance into the Systems Development Process , 2007, Commun. Assoc. Inf. Syst..
[29] Andreas Schaad,et al. Model-driven business process security requirement specification , 2009, J. Syst. Archit..
[30] M. Gallaher,et al. The Economic Impact of Role-Based Access Control , 2002 .
[31] J. Leon Zhao,et al. Workflow Automation: Overview and Research Issues , 2001, Inf. Syst. Frontiers.
[32] Remco M. Dijkman,et al. Semantics and analysis of business process models in BPMN , 2008, Inf. Softw. Technol..
[33] Ruth Breu,et al. Model based development of access policies , 2007, International Journal on Software Tools for Technology Transfer.
[34] Kees M. van Hee,et al. History-based joins: Semantics, soundness and implementation , 2008, Data Knowl. Eng..
[35] U. Zdun. Patterns of Component and Language Integration , 2006 .
[36] Akhil Kumar,et al. W-RBAC - A Workflow Security Model Incorporating Controlled Overriding of Constraints , 2003, Int. J. Cooperative Inf. Syst..
[37] Jason Crampton,et al. Delegation and satisfiability in workflow systems , 2008, SACMAT '08.
[38] Ivo Vondrák,et al. Business Process Modeling , 2007, Encyclopedia of Database Systems.
[39] Mark Strembeck,et al. Reusable Architectural Decisions for DSL Design: Foundational Decisions in DSL Projects , 2009, EuroPLoP.
[40] Jan Jürjens. Model-Based Run-Time Checking of Security Permissions Using Guarded Objects , 2008, RV.
[41] Wil M. P. van der Aalst,et al. Formalization and verification of event-driven process chains , 1999, Inf. Softw. Technol..
[42] James L. Peterson,et al. Petri Nets , 1977, CSUR.
[43] Jan H. P. Eloff,et al. Separation of duties for access control enforcement in workflow environments , 2001, IBM Syst. J..
[44] Mark Strembeck,et al. Role-Based Access Control for Information Federations in the Industrial Service Sector , 2010, ECIS.
[45] Ekkart Kindler,et al. AMFIBIA: A Meta-Model for the Integration of Business Process Modelling Aspects , 2006, The Role of Business Processes in Service Oriented Architectures.
[46] Mark Strembeck,et al. An approach to extract RBAC models from BPEL4WS processes , 2004, 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.
[47] Diomidis Spinellis,et al. Notable design patterns for domain-specific languages , 2001, J. Syst. Softw..
[48] Mark Strembeck. Scenario-Driven Role Engineering , 2010, IEEE Security & Privacy.
[49] Mark Strembeck,et al. An approach for the systematic development of domain‐specific languages , 2009, Softw. Pract. Exp..
[50] David Basin,et al. Model driven security: From UML models to access control infrastructures , 2006, TSEM.
[51] Jan Jürjens. Sound methods and effective tools for model-based security engineering with UML , 2005, ICSE '05.
[52] J. C. Cannon,et al. Compliance Deconstructed , 2006, ACM Queue.
[53] Ruth Breu,et al. Constraint based role based access control in the SECTET-frameworkA model-driven approach , 2008, J. Comput. Secur..
[54] Martin Gogolla,et al. Specification and Validation of Authorisation Constraints Using UML and OCL , 2005, ESORICS.
[55] Vijayalakshmi Atluri,et al. Inter-instance authorization constraints for secure workflow management , 2006, SACMAT '06.
[56] Jan Mendling,et al. Metrics for Process Models: Empirical Foundations of Verification, Error Prediction, and Guidelines for Correctness , 2008, Lecture Notes in Business Information Processing.
[57] Carl E. Landwehr,et al. Formal Models for Computer Security , 1981, CSUR.
[58] Andreas Schaad,et al. Modeling of Task-Based Authorization Constraints in BPMN , 2007, BPM.
[59] M Mernik,et al. When and how to develop domain-specific languages , 2005, CSUR.
[60] David D. Clark,et al. A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.
[61] Douglas C. Schmidt,et al. Guest Editor's Introduction: Model-Driven Engineering , 2006, Computer.
[62] Wil M. P. van der Aalst,et al. On the Suitability of BPMN for Business Process Modelling , 2006, Business Process Management.
[63] Hannes Schwarz,et al. Model-Driven Software Development , 2013 .
[64] Bran Selic,et al. The Pragmatics of Model-Driven Development , 2003, IEEE Softw..
[65] Rik Eshuis,et al. Tool support for verifying UML activity diagrams , 2004, IEEE Transactions on Software Engineering.
[66] Mark Strembeck,et al. Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context , 2010, OTM Conferences.
[67] Gail-Joon Ahn,et al. UML-based representation of role-based access control , 2000, Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000).
[68] Martin Gogolla,et al. Analyzing and Managing Role-Based Access Control Policies , 2008, IEEE Transactions on Knowledge and Data Engineering.
[69] Jason Crampton,et al. The consistency of task-based authorization constraints in workflow , 2004 .
[70] Ravi S. Sandhu,et al. Towards a UML based approach to role engineering , 1999, RBAC '99.
[71] Elisa Bertino,et al. Access Control and Authorization Constraints for WS-BPEL , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).
[72] Karsten Sohr,et al. Enforcing Role-Based Access Control Policies in Web Services with UML and OCL , 2008, 2008 Annual Computer Security Applications Conference (ACSAC).
[73] Mark Strembeck,et al. An integrated approach to engineer and enforce context constraints in RBAC environments , 2004, TSEC.
[74] Jian Yang,et al. Specifying Role-Based Access Constraints with Object Constraint Language , 2004, APWeb.
[75] Wolfgang Reisig,et al. 06291 Abstracts Collection -- The Role of Business Processes in Service-Oriented Architectures , 2006, The Role of Business Processes in Service Oriented Architectures.
[76] Indrakshi Ray,et al. Using uml to visualize role-based access control constraints , 2004, SACMAT '04.
[77] Jan Mendling,et al. Formalization and Verification of EPCs with OR-Joins Based on State and Context , 2007, CAiSE.
[78] Kees M. van Hee,et al. History-Based Joins: Semantics, Soundness and Implementation , 2006, Business Process Management.
[79] Mark Strembeck. A Role Engineering Tool for Role-Based Access Control , 2005 .
[80] August-Wilhelm Scheer,et al. ARIS - Business Process Modeling , 1998 .
[81] Vijayalakshmi Atluri,et al. Role-based Access Control , 1992 .
[82] Ninghui Li,et al. On mutually-exclusive roles and separation of duty , 2004, CCS '04.
[83] James O. Coplien,et al. Pattern languages of program design , 1995 .
[84] Mark Strembeck,et al. Modeling Composition in Dynamic Programming Environments with Model Transformations , 2006, SC@ETAPS.
[85] Jan Mendling,et al. From business process models to process-oriented software systems , 2009, TSEM.
[86] Remco M. Dijkman,et al. Petri Net Transformations for Business Processes - A Survey , 2009, Trans. Petri Nets Other Model. Concurr..
[87] Francesco Parisi-Presicce,et al. UML specification of access control policies and their formal verification , 2006, Software & Systems Modeling.
[88] Mario Piattini,et al. Capturing Security Requirements in Business Processes Through a UML 2.0 Activity Diagrams Profile , 2006, ER.
[89] Edward J. Coyne,et al. Role Engineering for Enterprise Security Management , 2007 .
[90] Jan Jürjens,et al. Secure systems development with UML , 2004 .
[91] Edward Roback,et al. SP 800-12. An Introduction to Computer Security: the NIST Handbook , 1995 .
[92] D. Richard Kuhn,et al. A role-based access control model and reference implementation within a corporate intranet , 1999, TSEC.
[93] Ravi S. Sandhu,et al. Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management , 1997, DBSec.
[94] Gail-Joon Ahn,et al. Role-based authorization constraints specification , 2000, TSEC.
[95] Ting Yu,et al. Enforcing security properties in task-based systems , 2008, SACMAT '08.
[96] Markus Völter,et al. Model-Driven Software Development: Technology, Engineering, Management , 2006 .
[97] Dragos Manolescu,et al. Production workflow: concepts and techniques , 2001, SOEN.
[98] Roshan K. Thomas,et al. Flexible team-based access control using contexts , 2001, SACMAT '01.
[99] Jan Jürjens,et al. Model-based design and analysis of permission-based security , 2005, 10th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS'05).
[100] Mark Strembeck. Embedding policy rules for software-based systems in a requirements context , 2005, Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'05).
[101] Mark Strembeck,et al. Specifying Separation of Duty Constraints in BPEL4People Processes , 2008, BIS.
[102] Marios Damianides,et al. How does SOX change IT , 2004 .
[103] Seog Park,et al. Task-role-based access control model , 2003, Inf. Syst..
[104] D. Richard Kuhn,et al. Role-Based Access Controls , 2009, ArXiv.
[105] P. Samarati,et al. Access control: principle and practice , 1994, IEEE Communications Magazine.