Access Control for Human Tasks in Service Oriented Architecture

Author

Wang, Xin ; Zhang, Yanchun ; Shi, Hao

Author_Institution

Sch. of Comput. Sci. & Math., Victoria Univ., Sydney, VIC

fYear

2008

Firstpage

455

Lastpage

460

Abstract

Business process management is designed to make business activity coordination easier and more cost effective. WS-BPEL and BPEL4People extension together coordinate the web services and human activities within business process. However, the increasing business integration and legal requirements raise the need for secure business processes. The openness and distribution nature of inter-organisational business processes may result in more security breaches. Existing standards does not provide any support for business process security protection even if the participating organisations already have a working security policy. To address this problem, we extend traditional RBAC model to access control capability into business process environment. And an extension for WS-BPEL is also developed to represent the authorisation information in a formal manner.

Keywords

Web services; authorisation; business data processing; human factors; software architecture; BPEL4People; RBAC model; WS-BPEL; Web services; access control; authorisation information; business integration; business process management; human activities; human tasks; legal requirements; service oriented architecture; Access control; Costs; Humans; Information security; Law; Legal factors; Process design; Protection; Service oriented architecture; Web services; Access Control; BPEL; BPEL4People; Business Process; Web Service;

fLanguage

English

Publisher

ieee

Conference_Titel

e-Business Engineering, 2008. ICEBE '08. IEEE International Conference on

Conference_Location

Xi´an

Print_ISBN

978-0-7695-3395-7

Type

conf

DOI

10.1109/ICEBE.2008.89

Filename

4690651