Abstract
With the rise of global networks like the Internet the importance of workflow systems is growing. However, security questions in such environments often only address secure communication. Another important topic that is often ignored is the separation of duties which is an important part of a company’s security policy to prevent fraud. This paper introduces a prototype that supports the graphical modeling and analysis of separation of duties in workflow environments. Security officers can use this tool to design and analyze the security rules associated with workflow specifications.
Chapter PDF
Similar content being viewed by others
References
Gail-Joon Ahn and Ravi Sandhu. The RSL99 Language for Role-based Separation of Duty Constraints. In Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, VA, October 28–29 1999.
Elisa Bertino, Elena Ferrari, and Vijay Atluri. The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Transactions on Information and System Security, 2(1):65–104, Feb. 1999.
Christoph J. Bussler. Policy Resolution in Workflow Management Systems. Digital Technical Journal, 6(4), 1995.
Andrzej Cichocki, Abdelsalam Helal, Marek Rusinkiewicz, and Darrell Woelk. Workflow and Process Automation-Concepts and Technology. Kluwer Academic, 1998.
David R. Clark and David R. Wilson. A Comparison of Commercial and Military Computer Security Policies. In Proceedings of the 1987 IEEE Symposium Security and Privacy, pages 184–194, Oakland, CA, 1987.
Computer Security Institute. Issues and Trends-CSI/FBI Computer Crime and Security Survey. http://www.gocsi.com/summary.html, 1999.
Dimitrios Georgakopoulos, Mark Hornick, and Amith Sheth. An Overview of Workflow Management: From Process Modeling to Work-flow Automation Infrastructure. Distributed and Parallel Databases, 3:119–153, 1995.
Virgil D. Gligor, Serban I. Gavilla, and David Ferraiolo. On the Formal Definition of Separation-of-Duty Policies and their Composition. In Proceedings of the 1998 IEEE Symposium on Security and Privacy, Oakland, CA, 1998.
Wei-Kuang Huang and Vijayalakshmi Atluri. SecureFlow: A Secure Web-enabled Workflow Management System. In Proceedings of the Fourth ACM Workshop on Role-Based Access Control, pages 83–94, Fairfax, VA, October 28–29 1999.
Kurt Jensen. Coloured Petri Nets-Basic Concepts, Analysis Methods and Practical Use, Volume 1. EATCS Monographs on Theoretical Computer Science. Springer, 1992.
Konstantin Knorr. WWW Workflows based on Petri Nets. In Proceedings of the Ninth International Conference on Information Systems Development, Kristiansand, Norway, August 2000.
Konstantin Knorr and Harald Weidner. Analyzing Separation of Duties in Petri Net Workflows. In Proceedings of the First International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security, St. Petersburg, May 21–23 2001.
Peter Langner, Christoph Schneider, and Joachim Wehler. Prozessmod-ellierung mit ereignisgesteuerten Prozessketten (EPKs) und Petri-Netzen. Wirtschaftsinformatik, 39(5):479–489, 1997.
L. G. Lawrence. The Role of Roles. Computers & Security, (12): 15–21, 1993.
F. Leymann and W. Altenhuber. Managing Business Processes as an Information Resource. IBM Systems Journal, 33(2):326–348, 1994.
Andreas Oberweis. Modellierung und Ausführung von Workflows mit Petri-Netzen. Teubner-Reihe Wirtschaftsinformatik. B.G. Teubner, 1996.
Wolfgang Reisig. Petri Nets-An Introduction. EATCS Monographs on Theoretical Computer Science. Springer, 1985.
P. Rittgen. Paving the Road to Business Process Automation. In Martin Bichler and Harald Mahrer, editors, Proceedings of the 8th European Conference on Information Systems (ECIS), volume 1, pages 313–319, Vienna, Jul. 2000.
Ravi Sandhu. Separation of Duties in Computerized Information Systems. In Proceedings of the IFIP WG11.3 Workshop on Database Security, Halifax, UK, September 18–21 1990.
August-Wilhelm Scheer. Wirtschaftsinformatik. Studienausgabe. Referenzmodelle für industrielle Geschäftsprozesse. Springer, 1998.
Henrik Stormer, Konstantin Knorr, and Jan Eloff. A Model for Security in Agent-based Workflows. Informatik · Informatique, 6:24–29, Dec. 2000.
Dirk Wodtke and Gerhard Weikum. A Formal Foundation for Distributed Workflow Execution Based on State Charts. In Proceedings of the international Conference on Database Theory, Greece, 1997.
Workflow Management Coalition. Interface 1: Process Definition Definition Interchange-Process Model. Workflow Management Coalition, 1998. Document Number TC-1016-P.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 IFIP International Federation for Information Processing
About this paper
Cite this paper
Knorr, K., Stormer, H. (2001). Modeling and Analyzing Separation of Duties in Workflow Environments. In: Dupuy, M., Paradinas, P. (eds) Trusted Information. SEC 2001. IFIP International Federation for Information Processing, vol 65. Springer, Boston, MA. https://doi.org/10.1007/0-306-46998-7_14
Download citation
DOI: https://doi.org/10.1007/0-306-46998-7_14
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7389-6
Online ISBN: 978-0-306-46998-5
eBook Packages: Springer Book Archive