Access Control Model for Collaborative Business Processes

Engineering the User Interface

Abstract

One of the most important characteristics of current enterprise systems is the existence of collaborative processes where different users/subsystems communicate and cooperate in order to carry out common activities. In these processes, shared resources are often used and there are complex relationships between activities and users, so the definition and administration of different security levels (tasks, users, resources, etc.) is necessary. In this article, we shall focus on an important dimension related to the security aspect of collaborative systems: access control. We shall use an organization model that considers the necessary elements to represent authorization and access control aspects in enterprise systems. This model is used in a service-oriented architecture (SOA) in order to facilitate the implementation of a service which is responsible for these important functions.

Correspondence to M. Sánchez.

© 2009 Springer-Verlag London

About this chapter

Cite this chapter

Sánchez, M., Jiménez, B., Gutièrrez, F., Paderewski, P., Isla, J.L. (2009). Access Control Model for Collaborative Business Processes. In: Redondo, M., Bravo, C., Ortega, M. (eds) Engineering the User Interface. Springer, London. https://doi.org/10.1007/978-1-84800-136-7_9

  • DOI: https://doi.org/10.1007/978-1-84800-136-7_9

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-84800-135-0

  • Online ISBN: 978-1-84800-136-7

  • eBook Packages: Computer Science, Computer Science (R0)
