• DocumentCode
    3068915
  • Title

    Extending Role-Based Access Control for Business Usage

  • Author

    Klarl, Heiko ; Klinger, Karsten ; Molitorisz, Korbinian ; Abeck, Sebastian ; Emig, Christian

  • Author_Institution
    iC Consult GmbH, Oberhaching, Germany
  • fYear
    2009
  • fDate
    18-23 June 2009
  • Firstpage
    136
  • Lastpage
    141
  • Abstract
    Role-based access control (RBAC) is used for managing authorisation in IT systems, by utilising the concept of roles. Existing approaches do not clearly define the term "role" in its different contexts as well as not considering the relation between roles and business process modelling. Therefore this work introduces business and system role-based access control (B&S-RBAC). Established role-based access control models are extended with a business perspective and the term role is defined from a business and from an IT perspective, resulting in business and system roles. The relation between them is shown in a meta-model and the usage of business roles for secure business process modelling is explained.
  • Keywords
    authorisation; business data processing; business process re-engineering; authorisation management; business process modelling; system role-based access control; Access control; Authorization; Business process re-engineering; Conference management; Context modeling; Identity management systems; Information security; Permission; Technology management; Unified modeling language; Access Control; Business Process Modelling; Business-IT Alignment; Identity Management; RBAC; Roles;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference on
  • Conference_Location
    Athens, Glyfada
  • Print_ISBN
    978-0-7695-3668-2
  • Type

    conf

  • DOI
    10.1109/SECURWARE.2009.28
  • Filename
    5211011
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3068915