An approach to capture authorisation requirements in business processes |
Authors: | Christian Wolter, Christoph Meinel |
Affiliation: | (1) Bombardier Transportation, Schoeneberger Ufer 1, 10785 Berlin, Germany; (2) Hasso-Plattner Institute, Prof.-Dr.-Helmert-Str. 2-3, 14482 Potsdam, Germany |
Abstract: | Business process modelling focuses on the modelling of functional behaviour. In this article, we propose an extension for
the business process modelling notation to express non-functional authorisation requirements in a process model to enable
the collaboration between security experts and business analysts. To capture multi-level, role-based and Separation of Duty
authorisation requirements, new model element attributes and authorisation artefacts are introduced. To enhance the usability
of this approach, simple visual decorators are specified to ease the communication of requirements between various stakeholders.
To provide an early validation of these authorisation requirements during the definition of a process model, formal semantics
are applied to the process model and model-checking techniques are used to provide feedback. As a pragmatic proof-of-concept,
a first prototype implementation is briefly discussed. |
Keywords: | |
This article has been indexed by SpringerLink and other databases! |