Skip to main content

Process Driven Access Control and Authorisation Approach.

Tools

Xu, L., de Vrieze, P. T. and Bai, Y., 2019. Process Driven Access Control and Authorisation Approach. In: International Congress on Information and Communication Technology 2019, 25-26 February 2019, London, UK.

Full text available as:

[img]
Preview
 PDF
90.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.
492kB

Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk.

Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material.

Official URL: http://www.icict.co.uk/index.php

Abstract

Compliance to regulatory requirements is key to successful collaborative business process execution. The review the EU general data protection regulation (GDPR) brought to the fore the need to comply with data privacy. Access control and authorization mechanisms in workflow management systems based on roles, tasks and attributes do not sufficiently address the current complex and dynamic privacy requirements in collaborative business process environments due to diverse policies. This paper proposes process driven authorization as an alternative approach to data access control and authorization where access is granted based on legitimate need to accomplish a task in the business process. Due to vast sources of regulations, a mechanism to derive and validate a composite set of constraints free of conflicts and contradictions is presented. An extended workflow tree language is also presented to support constraint modeling. An industry case Pick and Pack process is used for illustration.

Item Type:Conference or Workshop Item (Paper)
Additional Information:Funded by FIRST
Group:Faculty of Science & Technology
ID Code:31835
Deposited By: Symplectic RT2
Deposited On:20 Feb 2019 16:39
Last Modified:14 Mar 2022 14:14

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -