2012 | OriginalPaper | Chapter
Flexible Scoping of Authorization Constraints on Business Processes with Loops and Parallelism
Authors : Samuel J. Burri, Günter Karjoth
Published in: Business Process Management Workshops
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Real-life business process specifications include situations where work may be repeated due to exceptions such as the lack of resources or failed approvals. However, most authorization constraint models for business processes describe them as partially ordered sets of tasks. This abstraction simplifies the analysis of constraints greatly but prevents their use in real systems because control flows with loops are not supported. To overcome this limitation, we scope authorization constraints to task instances using the concept of release, which removes associations between users and their previously executed tasks. We define a model applying releases to cardinality and interval constraints, such as Separation of Duty (SoD). The latter is based on the notion of intervals defined by pairs of tasks and imposing conditions on the users executing them. We extend BPMN to visualize our constraints, bridging the gap between IT and business people as well as to auditors.