Logo der Universität Wien

Responsibility-driven Design and Development of Process-aware Security Policies


Process-Aware Information Systems (PAIS) enable the automated support of business processes that are executed by a combination of human actors and systems. As processes typically require access to sensitive data, security policies are of high importance. Typically security policies in PAIS range from access rules and authorization constraints to context policies (location, time) and are scattered over the multitude of heterogeneous PAIS components, i.e. process models, repositories, organizational structures, etc. Currently, different approaches for modeling and enforcing security policies exist that assume a set of explicitly de?ned security policies. Because of aforementioned heterogeneity, these approaches are suboptimal for PAIS. In order to improve upon existing approaches we present a security policy data model and design methodology, based on the concept of responsibilities, permissions and constraints. The goal is to not only unify diverse security policies in different PAIS subsystems, but also to make security policies independent of these subsystems to restrain complexity from process modeling and evolution, and to allow for comprehensive security policy development and maintenance.

Grafik Top
Grafik Top
Paper in Conference Proceedings or in Workshop Proceedings (Paper)
Event Title
Sixth International Conference on Availability, Reliability and Security
Workflow Systems and Technology
Event Location
Vienna, Austria
Event Type
Event Dates
22-26 August 2011
IEEE Computer Society
Page Range
pp. 334-342
22 August 2011
Official URL
Grafik Top
Contact us
Faculty of Computer Science
University of Vienna

Währinger Straße 29
A-1090 Vienna