nach oben

Information Systems Frontiers

Erschienen in:

01.04.2011

Integrating constraints to support legally flexible business processes

verfasst von: Yuqing Sun, Joshua Zhexue Huang, Xiangxu Meng

Erschienen in: Information Systems Frontiers | Ausgabe 2/2011

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Flexible collaboration is a notable attribute of Web 2.0, which is often in the form of multiple users participating different activities that together complete a whole business process. In such an environment, business processes may be dynamically customized or adjusted, as well as the participants may be selected or attend uncertainly. So how to ensure the legitimacy of a business process for both security and business is increasingly critical. In this paper, we investigate this problem and introduce a novel method to support legally flexible business processes. The proposed Constraint-based Business Process Management Model incorporates constraints into the standard activities composing a business process, where the security constraints place restrictions on participants performing the activities and business constraints restrict the dependencies between multiple activities. By the assembly operations, business processes can be dynamically generated and adjusted with activities, that are obliged to the specified constraints. Several algorithms are presented to verify the consistency of constraints and the soundness of the generated business processes, as well as to perform the execution planning to guarantee the correct execution of a business process on the precondition of satisfying all constraints. We present an illustrative example and implement a prototype for the proposed model that is an application of property rights exchange for supporting legal business processes.

Vorheriger Artikel How social influence affects we-intention to use instant messaging: The moderating effect of usage experience

Nächster Artikel Integrating organizational, social, and individual perspectives in Web 2.0-based workplace e-learning

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Adam, N. R., Atluri, V., Bertino, E., & Ferrari, E. (2002). A content-based authorization model for digital libraries. IEEE Transactions on Knowledge and Data Engineering, 14(2), 296–315.CrossRef

Ahn, G.-J., & Sandhu, R. (2000). Role-based authorization constraints specification. ACM Transaction on Information System Security, 3(4), 207–226.CrossRef

Bertino, E., Ferrari, E., & Atluri, V. (1999). The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information System Security, 2(1), 65–104.CrossRef

Chaari, S., Biennier, F., Ben Amar, C., & Favrel, J. (2004). An authorization and access control model for workflow. In Proceedings of the 1st international workshop on computer supported activity coordination, Porto, Portugal (pp. 21–30).

Clark, D. D., & Wilson, D. R. (1987). A comparision of commercial and military computer security policies. In Proceedings of the 1987 IEEE symposium on security and privacy (pp. 184–194). Silver Spring: IEEE Computer Society Press.

Georgiadis, C. K., Mavridis, I., Pangalos, G., & Thomas, R. K. (2001). Flexible team-based access control using context. In Proceeding of ACM symposium on accesss control models and technoloy (pp. 21–27). Chantilly, VA.

Gordon, L. A., & Loeb, M. P. (2006). Economic aspects of information security: An emerging field of research. Information Systems Frontiers, 8(5), 335–337.CrossRef

Koshutanski, H., & Massacci, F. (2005a). Interactive credential negotiation for stateful business processes. In Proceedings of 3rd international conference on trust management (iTrust 2005), LNCS (Vol. 3477, pp. 256–272). Rocquencourt: Springer.

Koshutanski, H., & Massacci, F. (2005b). An access control framework for business processes for web services. In Proceedings of ACM workshop on xml security, Fairfax VA, USA (pp. 15–24).

Li, N., Tripunitara, M. V., & Wang, Q. (2006). Resiliency policies in access control. In Proc. ACM conference on computer and communications security (pp. 113–123).

Mangan, P. J., & Sadiq, S. (2002). A constraints specification approach to building flexible workflows. Journal of Research and Practice in Information Technology, 35(1), 21–39.

Oh, S., & Park, S. (2003). Task-role-based access control model. Journal of Information System, 28, 533–562.CrossRef

Paci, F., Bertino, E., & Crampton, J. (2008a). An access-control framework for WS-BPEL. International Journal of Web Service Research 5(3), 20–43.CrossRef

Paci, F., Ferrini, R., Sun, Y. Q., & Bertino, E. (2008b). Authorization and user failure resiliency for WS-BPEL business processes. In Proceeding of the 6^th international conference on service oriented computing, University of Technology, Sydney, Ultimo City (pp. 116–131).

Sandhu, R., Coyne, E., Feinstein, H., & Youman, C. (1996). Rose-based access control model. IEEE Computer, 29(2), 38–47.

Sun, Y. Q., & Pan, P. (2005). PRES-A practical flexible RBAC workflow system. In Proceedings of the 7^th international conference on electronic commerce, Xi’an, China (pp. 653–658).

Thomas, R. (1997). Team-based access control. In Proceeding of 2^nd ACM workshop on role-based access control, Fairfax VA (pp. 13–19).

Thomas, R. K., & Sandhu, R. (1997). Task-based authorization controls (TBAC): A family of models for active and enterprise-oriented autorization management. In Proceedings of the IFIP 11th international conference on database securty XI (pp. 166–181).

Tolone, W., Ahn, G., Pai, T., & Hong, S. P. (2005). Access control in collaberative systems. ACM Computing Survey 37(1), 29–41.CrossRef

van der Aalst, W. M. P. (1996). Three good reasons for using petri net-based workflow management system. In Proceedings of the international workflow conference on information and process integration in enterprises (IPIC’96) (pp. 179–201).

van der Aalst, W. M. P. & Berens, P. J. S. (2001). Beyond workflow management: Product-driven case handing. In Proceeding of ACM conference on supporting group work, Boulder, Colorado (pp. 42–51).

van der Aalst, W. M. P. & Jablonski, S. (Eds.) (2000). Flexible workflow technology driving the networked economy. International Journal of Computer Systems, Science, and Engineering, 15(5, special issue).

van der Aalst, W., & van Hee, K. (2004). Workflow management models, methods, and systems. Cambridge: MIT.

Wang, Q., & Li, N. (2007). Satisfiability and resiliency in workflow systems. In Proc. European symp. on research in computer security (ESORICS) (pp. 90–105).

Yu, X., et al. (2007). A model-driven development framework for enterprise web services. Information Systems Frontiers, 9(4), 391–409.CrossRef

Yuan, Z. (2005). The theory and apllication of petri-net. Beijing: Electronic Industry Publishing Company. ISBN 7-121-00970-6.

Zhang, X. P., Cerone, A., & Krishnan, P. (2006). Verifying BPEL workflows under authorisation constraints. In Proceedings of fourth international conference on business process management (BPM 2006). Vienna, Austria.

Zisman, M. D. (1977). Representation, specification and automation of office procedures. PhD theses. Philadelphia: University of Pennsylvania Wharton School of Business.

Titel: Integrating constraints to support legally flexible business processes
verfasst von: Yuqing Sun
Joshua Zhexue Huang
Xiangxu Meng
Publikationsdatum: 01.04.2011
Verlag: Springer US
Erschienen in: Information Systems Frontiers / Ausgabe 2/2011
Print ISSN: 1387-3326
Elektronische ISSN: 1572-9419
DOI: https://doi.org/10.1007/s10796-009-9190-z

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2011

A study of the impacts of positive/negative feedback on collective wisdom—case study on social bookmarking sites

A university-oriented Web 2.0 services portal

ISF special issue on emerging social and legal aspects of information systems with Web 2.0

Taxonomy, technology and applications of smart objects

Trust perceptions of online travel information by different content creators: Some social and legal implications

Towards promoting interactivity in a B2B web community

Premium Partner