SOAC-Net: A model to manage service-based business process authorization
conference contribution
posted on 2024-11-14, 11:15 authored by Haiyang Sun, Jian Yang, Weiliang Zhao, Sanjay K NepalBusiness process (BP) can be supported by a large number of resources with evolving contents. In order to receive the support from these resources, the BP must satisfy the authorization policies of these resources. On the other hand, a BP also has its own authorization policies that users must satisfy in order to interact with the BP. Meanwhile, execution policies need to be applied to manage the sequence of tasks invocations in a BP. Therefore, without proper coordination among these policies, BP may not be able to perform correctly, e.g., imperative support from a specific resource could be missing or unauthorized user access can occur. An effective authorization management bringing all types of policies together becomes a must for a BP executing correctly without breaking any authorization and business rules. In this paper, we propose a process model, SOAC-Net that is incorporated with an authorization model, Process-Aware Service-Oriented Authorization Control (PASOAC). PASOAC is an extension of Role Based Access Control (RBAC), which takes both resource and user into account. A set of authorization constraints are designed in PASOAC to coordinate the user access and the resource support in a process environment. © 2012 IEEE.
History
Citation
Sun, H., Yang, J., Zhao, W. & Nepal, S. K. (2012). SOAC-Net: A model to manage service-based business process authorization. Ninth International Conference on Services Computing, SCC 2012 (pp. 376-383). Piscataway, New Jersey: IEEE.Parent title
Proceedings - 2012 IEEE 9th International Conference on Services Computing, SCC 2012Pagination
376-383Publisher website/DOI
Language
EnglishRIS ID
68822Usage metrics
Categories
Exports
RefWorksRefWorks
BibTeXBibTeX
Ref. managerRef. manager
EndnoteEndnote
DataCiteDataCite
NLMNLM
DCDC