Authorization Policy Based Business Collaboration Reliability Verification
Collaborative business can become unreliable in terms of authorization policy conflicts, for example, when (1) incorrect role assignment or modification occurs in a service within one organization or (2) messages transferred from one organization are accessed by unqualified roles in other collaborating business partners. Therefore reliability verification based on access policies is critical for business collaboration. In this paper, a role authorization model, Role-Net, is developed based on Hierarchical Colored Petri Nets (HCPNs) to specify and manage role authorization in business collaboration and to verify collaboration reliability according to partners’ authorization policies.
KeywordsLower Layer Role Element Business Process Execution Language Role Assignment Authorization Policy
- 3.Ferraiolo, D., Cugini, J., Kuhn, R.: Role Based Access Control:Features and Motivations. In: Proceedings of Annual Computer Security Applications Conference. IEEE Computer Society Press, Los Alamitos (1995)Google Scholar
- 5.Bertino, E., Crampton, J., Paci, F.: Access Control and Authorization Constraints for WS-BPEL. In: Proceedings of ICWS (2006)Google Scholar
- 6.OASIS Web Services Business Process Execution Language (WS-BPEL) Technical Committee. Web services business process execution language version 2.0, ws-bpel (2007), http://docs.oasis-open.org/wsbpel/2.0/cs01/wsbpel-v2.0-cs01.html
- 7.Liu, P., Chen, Z.: An Access Control Model for Web Services in Business Process. In: Proceedings of WI (2004)Google Scholar
- 8.Knorr, K.: Dynamic Access Control through Petri Net Workflows. In: Proceedings of ACSAC (2000)Google Scholar