An Approach for Consistent Delegation in Process-Aware Information Systems

Delegation is an important concept to increase flexibility in authorization and obligation management. Due to the complexity of potential delegation relations, there is a strong need to systematically check the consistency of all delegation assignments. In this paper, we discuss the detection of delegation conflicts based on the formal definitions of a model that supports the delegation of roles, tasks, and duties in a business process context.

[1]  Mark Strembeck Scenario-Driven Role Engineering , 2010, IEEE Security & Privacy.

[2]  Andreas Schaad Detecting conflicts in a role-based delegation model , 2001, Seventeenth Annual Computer Security Applications Conference.

[3]  Tharam S. Dillon,et al.  On the Move to Meaningful Internet Systems, OTM 2010 , 2010, Lecture Notes in Computer Science.

[4]  Jorge Lobo,et al.  Policies for Distributed Systems and Networks , 2001, Lecture Notes in Computer Science.

[5]  Mark Strembeck,et al.  Modeling Process-Related Duties with Extended UML Activity and Interaction Diagrams , 2011, Electron. Commun. Eur. Assoc. Softw. Sci. Technol..

[6]  Ravi S. Sandhu,et al.  PBDM: a flexible delegation model in RBAC , 2003, SACMAT '03.

[7]  Mark Strembeck,et al.  Modeling process-related RBAC models with extended UML activity models , 2011, Inf. Softw. Technol..

[8]  Akhil Kumar,et al.  DW-RBAC: A formal security model of delegation and revocation in workflow systems , 2007, Inf. Syst..

[9]  John Derrick,et al.  Author Obliged to Submit Paper before 4 July: Policies in an Enterprise Specification , 2001, POLICY.

[10]  Ramaswamy Chandramouli,et al.  Role-Based Access Control (2nd ed.) , 2007 .

[11]  Ramaswamy Chandramouli,et al.  Role-Based Access Control, Second Edition , 2007 .

[12]  Jason Crampton,et al.  Delegation in role-based access control , 2007, International Journal of Information Security.

[13]  Elisa Bertino,et al.  Fine-grained role-based delegation in presence of the hybrid role hierarchy , 2006, SACMAT '06.

[14]  Mark Strembeck,et al.  Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context , 2011, OTM Conferences.

[15]  Andreas Schaad,et al.  Delegation of obligations , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[16]  Vijayalakshmi Atluri,et al.  Inter-instance authorization constraints for secure workflow management , 2006, SACMAT '06.

[17]  Ravi S. Sandhu,et al.  Framework for role-based delegation models , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[18]  Jason Crampton,et al.  On delegation and workflow execution models , 2008, SAC '08.

[19]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[20]  David W. Chadwick,et al.  Obligations for Role Based Access Control , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[21]  Xingang Wang,et al.  Constraints for Permission-Based Delegations , 2008, 2008 IEEE 8th International Conference on Computer and Information Technology Workshops.

[22]  Mark Strembeck,et al.  Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context , 2010, OTM Conferences.

[23]  Vijayalakshmi Atluri,et al.  Supporting conditional delegation in secure workflow management systems , 2005, SACMAT '05.

[24]  Jason Crampton,et al.  Delegation and satisfiability in workflow systems , 2008, SACMAT '08.

[25]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.