PASOAC-Net: A Petri-Net Model to Manage Authorization in Service-Based Business Process
A successful execution of a Business Process (BP) is possible only if the proper coordination exists between (1) BP’s execution policy, (2) BP’s authorization policy, and (3) the authorization policies of BP’s resources. Hence, there is a need of an effective authorization model that brings all types of policies together for a BP executing successfully without breaking any authorization and business rules. This paper proposes a Petri-Net process model, Process-Aware Service-Oriented Authorization Control Net (PASOAC-Net). PASOAC-Net is developed based on the conceptual model PASOAC, an extension of Role Based Access Control (RBAC), which takes both resources and users into account. A set of authorization constraints is designed in PASOAC to coordinate the user access and the resource support in a process environment.
KeywordsBusiness Process Resource Type User Access Resource Support Authorization Model
- 5.Tan, K., Crampton, J., Gunter, C.A.: The consistency of task-based authorization constraints in workflow. In: IEEE Workshop of Comp. Security Foundations (2004)Google Scholar
- 6.Wonohoesodo, R., Tari, Z.: A Role Based Access Control for Web Services. In: Proceedings of SCC, pp. 49–56 (2004)Google Scholar
- 7.Fischer, J., Majumdar, R.: A Theorey of Role Composition. In: Proceedings of ICWS, pp. 49–56 (2008)Google Scholar