Specifying process-aware access control rules in SBVR
Goedertier, Stijn, Mues, Christophe and Vanthienen, Jan (2007) Specifying process-aware access control rules in SBVR. In, Advances in Rule Interchange and Applications. Berlin. Germany, Springer, 39-52. (Lecture Notes in Computer Science, 4824). (doi:10.1007/978-3-540-75975-1).
Download
Full text not available from this repository.
Description/Abstract
Access control is an important aspect of regulatory compliance. Therefore, access control specifications must be process-aware in that they can refer to an underlying business process context, but do not specify when and how they must be enforced. Such access control specifications are often expressed in terms of general rules and exceptions, akin to defeasible logic. In this paper we demonstrate how a role-based, process-aware access control policy can be specified in the SBVR. In particular, we define an SBVR vocabulary that allows for a process-aware specification of defeasible access control rules. Because SBVR does not support defeasible rules, we show how a set of defeasible access control rules can be transformed into ordinary SBVR access control rules using decision tables as a transformation mechanism.
| Item Type: | Book Section |
|---|---|
| Additional Information: | ISSN: 0302-9743 |
| ISBNs: | 9783540759744 (hardback) |
| Keywords: | access control, defeasible logic, rbac, sbvr, bpm |
| Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Divisions: | University Structure - Pre August 2011 > School of Management |
| Item ID: | 51617 |
| Date Deposited: | 27 Aug 2008 |
| Last Modified: | 21 Sep 2011 10:24 |
| Contributors: | Goedertier, Stijn (Author) Mues, Christophe (Author) Vanthienen, Jan (Author) |
| Date: | 2007 |
| Additional Information: | ISSN: 0302-9743 |
| Status: | Published |
| Publisher: | Springer |
| URI: | http://eprints.soton.ac.uk/id/eprint/51617 |
Actions (login required)
 |
View Item |
