More Web Proxy on the site http://driver.im/

Article

On the controlled evolution of access rules in cooperative information systems

Authors:

Stefanie Rinderle,

Manfred ReichertAuthors Info & Claims

OTM'05: Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I

Pages 238 - 255

https://doi.org/10.1007/11575771_17

Published: 31 October 2005 Publication History

Abstract

For several reasons enterprises are frequently subject to organizational change. Respective adaptations may concern business processes, but also other components of an enterprise architecture. In particular, changes of organizational structures often become necessary.

The information about organizational entities and their relationships is maintained in organizational models. Therefore the quick and correct adaptation of these models is fundamental to adequately cope with changes. However, model changes alone are not sufficient to guarantee consistency. Since organizational models also provide the basis for defining access rules (e.g., actor assignments in workflow management systems or access rules in document–centered applications) this information has to be adapted accordingly (e.g., to avoid non-resolvable actor assignments). Current approaches do not adequately address this problem, which often leads to security gaps and delayed change adaptations.

In this paper we present a comprehensive approach for the controlled evolution of organizational models in cooperative information systems. First, we introduce a set of operators with well-defined semantics for defining and changing organizational models. Second, we present an advanced approach for the semi-automated adaptation of access rules when the underlying organizational model is changed. This includes a formal part concerning both the evolution of organizational models and the adaptation of related access rules.

References

[1]

v.d. Aalst, W., van Hee, K.: Workflow Management. MIT Press (2002)

[2]

Sutton, M.: Document Management for the Enterprise: Principles, Techniques and Applications. John Wiley (1996)

Digital Library

[3]

Linthicum, D.: Enterpise Application Integration. Addison-Wesley (1999)

Digital Library

[4]

Konyen, I.: Organizational structures and business processes in hospitals. Master's thesis, University of Ulm, Computer Science Faculty (1996) (in German).

[5]

Jablonski, S., Schlundt, M., Wedekind, H.: A generic component for the computer-based use of organizational models (in german). Informatik Forschung und Entwicklung 16 (2001) 23-34

[6]

Klarmann, J.: A comprehensive support for changes in organizational models of workflow management systems. In: Proc. 4th Int'l Conf. on Inf Systems Modeling (ISM'01). (2001) 375-387

[7]

Reichert, M., Dadam, P.: ADEPTflex - supporting dynamic changes of workflows without losing control. JIIS 10 (1998) 93-129

Digital Library

[8]

Rinderle, S., Reichert, M., Dadam, P.: On dealing with structural conflicts between process type and instance changes. In Desel, J., Pernici, B., Weske, M., eds.: Proc. 2nd Int'l Conf. on Business Process Management (BPM'04). LNCS 3080, Potsdam, Germany (2004) 274-289

[9]

Rinderle, S., Reichert, M., Dadam, P.: Disjoint and overlapping process changes: Challenges, solutions, applications. In: Proc. Int'l Conf. on Cooperative Information Systems (CoopIS'04). LNCS 3290, Agia Napa, Cyprus (2004) 101-120

[10]

Rinderle, S., Reichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems - a survey. Data and Knowledge Engineering, Special Issue on Advances in Business Process Management 50 (2004) 9-34

Digital Library

[11]

Reichert, M., Rinderle, S., Dadam, P.: On the common support of workflow type and instance changes under correctness constraints. In: Proc. Int'l Conf. on Cooperative Information Systems (CoopIS'03). LNCS 2888, Catania, Italy (2003) 407-425

[12]

Bertino, E.: Data security. DKE 25 (1998) 199-216

Digital Library

[13]

zur Muehlen, M.: Resource modeling in workflow applications. In: Proc. of the 1999 Workflow Management Conference (Muenster). (1999) 137-153

[14]

Weber, B., Reichert, M., Wild, W., Rinderle, S.: Balancing flexibility and security in adaptive process management systems. In: Proc. Int'l Conf. on Cooperative Information Systems (CoopIS'05), Agia Napa, Cyprus (2005)

Digital Library

[15]

Ferraiolo, D., Kuhn, D., Chandramouli, R.: Role-Based Access Control. Artech House (2003)

Digital Library

[16]

NIST: Proposed Standard for Role-Based Access Control. http://csrc.nist.gov/rbac/rbacSTDACM.pdf (2004)

[17]

Ferraiolo, D., Kuhn, D.: Role based access control. In: 15th National Computer Security Conference. (1992)

[18]

Sutton, M.: Document Management for the Enterprise - Principles, Techniques, and Applications. Wiley Computer Publ., New York (1996)

Digital Library

[19]

Botha, R., Eloff, J.: A framework for access control in workflow systems. Information Management and Computer Security. 9 (2001) 126-133

[20]

Bertino, E., Ferrari, E., Alturi, V.: The specification and enforcement of authorization constraints in wfms. ACM Trans. on Inf. and Sys. Sec. 2 (1999) 65-104

Digital Library

[21]

Wainer, J., Barthelmess, P., Kumar, A.: W-RBAC - a workflow security model incorporating controlled overriding of constraints. International Journal of Collaborative Information Systems 12 (2003) 455-485

[22]

Klarmann, J.: A comprehensive support for changes in organizational models of workflow management systems. In: Proc. Int'l Conf. on Information Systems Modeling (ISM'01), Hradec nad Moravici, Czech Republic (2001)

[23]

Domingos, D., Rito-Silva, A., Veiga, P.: Authorization and access control in adaptive workflows. In: Proc. Europ. Symposium on Research in Computer Science (ESORICS'03), Gjovik, Norway (2003) 23-28

[24]

Berroth, M.: Design of a component for organizational models. Master's thesis, University of Ulm, Computer Science Faculty (2005) (in German).

[25]

v.d. Aalst, W., Jablonski, S.: Dealing with workflow change: Identification of issues an solutions. Int'l Journal of Comp. Systems, Science and Engineering 15 (2000) 267-276

[26]

Klarmann, J.: Using conceptual graphs for organization modeling in workflow management systems. In: Proc. Conf. Professionelles Wissensmanagement (WM'01). (2001) 19-23

[27]

Reichert, M., Rinderle, S., Kreher, U., Dadam, P.: Adaptive process management with adept2. In: Proc. 21st Int'l Conf. on Data Engineering (ICDE'05), Tokyo (2005) 1113-1114

Digital Library

[28]

Rinderle, S., Reichert, M., Dadam, P.: Flexible support of team processes by adaptive workflow systems. Distributed and Parallel Databases 16 (2004) 91-116

Digital Library

[29]

Rinderle, S., Weber, B., Reichert, M., Wild, W.: Integrating process learning and process evolution - a semantics based approach. In: 3rd Int'l Conf. on Business Process Management (BPM'05), Nancy, France (2005)

Digital Library

Cited By

Torres VPérez JKoschmider ADaniel F(2011)Dealing with collaborative tasks in process mashupsProceedings of the 5th International Workshop on Web APIs and Service Mashups10.1145/2076006.2076011(1-8)Online publication date: 14-Sep-2011
https://dl.acm.org/doi/10.1145/2076006.2076011
Rinderle SReichert MJurisch MKreher U(2006)On representing, purging, and utilizing change logs in process management systemsProceedings of the 4th international conference on Business Process Management10.1007/11841760_17(241-256)Online publication date: 5-Sep-2006
https://dl.acm.org/doi/10.1007/11841760_17
Ly LRinderle SDadam PReichert M(2005)Mining staff assignment rules from event-based dataProceedings of the Third international conference on Business Process Management10.1007/11678564_16(177-190)Online publication date: 5-Sep-2005
https://dl.acm.org/doi/10.1007/11678564_16

Recommendations

Comprehensive life cycle support for access rules in information systems: the CEOSIS project
Towards Model-driven Service-oriented Enterprise Computing - 12th International IEEE EDOC Enterprise Computing Conference (EDOC 2008)

The definition and management of access rules (e.g. to control access to business documents and business functions) is a fundamental task in any enterprise information system (EIS). While there exists considerable work on how to specify and represent ...
Consistency and enforcement of access rules in cooperative data sharing environment

In this paper we consider the situation where a set of enterprises need to collaborate to provide rich services to their clients. An enterprise may need information from several other collaborating parties to satisfy its business requirements. Such ...
Defining access control rules with conditions
RuleML'10: Proceedings of the 2010 international conference on Semantic web rules

The Business Entity method is a new approach for declarative Business Process Modeling. An important aspect of this method is access control rules that determine what users can access what data under what conditions. This paper describes an extension of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

OTM'05: Proceedings of the 2005 Confederated international conference on On the Move to Meaningful Internet Systems - Volume >Part I

October 2005

917 pages

ISBN:3540297367

Editors:
Robert Meersman
STARLab, Vrije Universiteit Brussel (VUB), Bldg G/10, Pleinlaan 2, Brussels, Belgium
,
Zahir Tari
School of Computer Science and Information Technology, RMIT University, Bld 10.10, 376-392 Swanston Street, Melbourne, VIC, Australia

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 31 October 2005

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Torres VPérez JKoschmider ADaniel F(2011)Dealing with collaborative tasks in process mashupsProceedings of the 5th International Workshop on Web APIs and Service Mashups10.1145/2076006.2076011(1-8)Online publication date: 14-Sep-2011
https://dl.acm.org/doi/10.1145/2076006.2076011
Rinderle SReichert MJurisch MKreher U(2006)On representing, purging, and utilizing change logs in process management systemsProceedings of the 4th international conference on Business Process Management10.1007/11841760_17(241-256)Online publication date: 5-Sep-2006
https://dl.acm.org/doi/10.1007/11841760_17
Ly LRinderle SDadam PReichert M(2005)Mining staff assignment rules from event-based dataProceedings of the Third international conference on Business Process Management10.1007/11678564_16(177-190)Online publication date: 5-Sep-2005
https://dl.acm.org/doi/10.1007/11678564_16

View Options

View options

Media

Figures

Other

Tables

View Table of Contents