An Access-Control Framework for WS-BPEL

doi:10.4018/jwsr.2008070102

Reference Hub

This research has been cited in:

Conference
Separation of duties as a serviceProceedings of the 6th ACM Symposium on Information, Computer and Communications Security10.1145/1966913.1966972
Article
A declarative two-level framework to specify and verify workflow and authorization policies in service-oriented architecturesService Oriented Computing and Applications10.1007/s11761-010-0073-4
Article
New Approach Targeting Security Patterns Development and DeploymentInformation Security Journal: A Global Perspective10.1080/19393555.2011.607220
Conference
Automated Validation of Security-Sensitive Web Services Specified in BPEL and RBAC2010 12th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing10.1109/SYNASC.2010.75
Chapter
Multi-Policy Collaborative Access Control Model for Composite ServicesComputer Science and its Applications10.1007/978-94-007-5699-1_98
Conference
Security Constraints in Temporal Role-Based Access-Controlled WorkflowsProceedings of the Sixth ACM Conference on Data and Application Security and Privacy10.1145/2857705.2857716
Conference
Heterogeneous system integration platform for enterprise collaboration: A case study in large scale business group2010 IEEE International Conference on Software Engineering and Service Sciences10.1109/ICSESS.2010.5552298
Chapter
Architectural Patterns for Security-Oriented Workflows in Collaborative EnvironmentsSecurity, Privacy, and Anonymity in Computation, Communication, and Storage10.1007/978-3-319-49148-6_34
Conference
A Novel Approach for the Development and Deployment of Security Patterns2010 IEEE Second International Conference on Social Computing10.1109/SocialCom.2010.135
Article
Dynamic enforcement of abstract separation of duty constraintsACM Transactions on Information and System Security10.1145/2382448.2382451
Chapter
Toward Comprehensive Security Policy Governance in Collaborative EnterpriseAdvances in Production Management Systems. Value Networks: Innovation, Technologies, and Management10.1007/978-3-642-33980-6_39
Article
Enforcement of entailment constraints in distributed service-based business processesInformation and Software Technology10.1016/j.infsof.2013.05.001
Article
Integrating constraints to support legally flexible business processesInformation Systems Frontiers10.1007/s10796-009-9190-z
Conference
Toward Systematic Integration of Security Policies into Web Services2011 European Intelligence and Security Informatics Conference10.1109/EISIC.2011.48
Conference
WSSMT: Towards the Automated Analysis of Security-Sensitive Services and Applications2010 12th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing10.1109/SYNASC.2010.74
Conference
Identity Attribute-Based Role Provisioning for Human WS-BPEL Processes2009 IEEE International Conference on Web Services10.1109/ICWS.2009.84
Chapter
Authorization and User Failure Resiliency for WS-BPEL Business ProcessesService-Oriented Computing – ICSOC 200710.1007/978-3-540-89652-4_12
Conference
Workflow-Based Dynamic Access Control in a Service-Oriented Architecture2012 26th International Conference on Advanced Information Networking and Applications Workshops10.1109/WAINA.2012.65
Conference
Mitigating conflicts of interest by authorization policiesProceedings of the 8th International Conference on Security of Information and Networks10.1145/2799979.2800013
Conference
New approach for the dynamic enforcement of Web services security2010 Eighth International Conference on Privacy, Security and Trust10.1109/PST.2010.5593232
Conference
Security-aware web service composition approachesProceedings of the 13th International Conference on Information Integration and Web-based Applications and Services10.1145/2095536.2095557
Chapter
Managing Conflict of Interest in Service CompositionOn the Move to Meaningful Internet Systems: OTM 201010.1007/978-3-642-16934-2_20
Conference
Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures2009 International Conference on Computational Science and Engineering10.1109/CSE.2009.172
Conference
A logical framework for reasoning about policies with trust negotiations and workflows in a distributed environment2009 Fourth International Conference on Risks and Security of Internet and Systems (CRiSIS 2009)10.1109/CRISIS.2009.5411983
Conference
An integrated approach for identity and access management in a SOA contextProceedings of the 16th ACM symposium on Access control models and technologies10.1145/1998441.1998446
Chapter
From ASTD Access Control Policies to WS-BPEL Processes Deployed in a SOA EnvironmentWeb Information Systems Engineering – WISE 2010 Workshops10.1007/978-3-642-24396-7_11
Article
XrML-RBLicensing approach adapted to the BPEL process of composite web servicesService Oriented Computing and Applications10.1007/s11761-013-0127-5
Article
Security for Web ServicesInternational Journal of Web Services Research10.4018/jwsr.2009071303
Chapter
Cloud Computing and Frameworks for Organisational Cloud AdoptionDelivery and Adoption of Cloud Computing Services in Contemporary Organizations10.4018/978-1-4666-8210-8.ch001
Article
Case Studies and Organisational Sustainability Modelling Presented by Cloud Computing Business FrameworkInternational Journal of Web Services Research10.4018/jwsr.2011070102
Chapter
Cloud Computing and Frameworks for Organisational Cloud AdoptionWeb-Based Services10.4018/978-1-4666-9466-8.ch030
Chapter
Security for Web ServicesInnovations, Standards and Practices of Web Services10.4018/978-1-61350-104-7.ch015
Chapter
A Proposed Framework for Cloud Computing AdoptionSustainable Business10.4018/978-1-5225-9615-8.ch044

An Access-Control Framework for WS-BPEL

Frederica Paci, Elisa Bertino, Jason Crampton

Source Title: International Journal of Web Services Research (IJWSR)5(3)

Cite Article Cite Article

MLA

Paci, Frederica, et al. "An Access-Control Framework for WS-BPEL." IJWSR vol.5, no.3 2008: pp.20-43. http://doi.org/10.4018/jwsr.2008070102

APA

Paci, F., Bertino, E., & Crampton, J. (2008). An Access-Control Framework for WS-BPEL. International Journal of Web Services Research (IJWSR), 5(3), 20-43. http://doi.org/10.4018/jwsr.2008070102

Chicago

Paci, Frederica, Elisa Bertino, and Jason Crampton. "An Access-Control Framework for WS-BPEL," International Journal of Web Services Research (IJWSR) 5, no.3: 20-43. http://doi.org/10.4018/jwsr.2008070102

Export Reference

Favorite Full-Issue Download

View Full Text PDF

Abstract

Business processes, the next-generation workflows, have attracted considerable research interest in the last 15 years. More recently, several XML-based languages have been proposed for specifying and orchestrating business processes, resulting in the WS-BPEL language. Even if WS-BPEL has been developed to specify automated business processes that orchestrate activities of multiple Web services, there are many applications and situations requiring that people be considered as additional participants who can influence the execution of a process. Significant omissions from WS-BPEL are the specification of activities that require interactions with humans to be completed, called human activities, and the specification of authorization information associating users with human activities in a WS-BPEL business process and authorization constraints, such as separation of duty, on the execution of human activities. In this article, we address these deficiencies by introducing a new type of WS-BPEL activity to model human activities and by developing RBAC-WS-BPEL, a role-based access-control model for WS-BPEL, and BPCL, a language to specify authorization constraints.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

An Access-Control Framework for WS-BPEL

MLA

APA

Chicago

Export Reference

Abstract

Request Access