Abstract
Security policy satisfiability and high failure resilience (i.e., survivability) are desirable properties of every system. Security issues and failure resilience are usually treated separately rather than together. In this paper, we bridge this gap for workflows. We propose techniques which ensure that user-task assignment is both secure and failure resilient, and we present frameworks that meet different criteria of security policy, security constraints, and failure resilience.
Keywords
- Access Control
- Quadratic Programming
- Security Policy
- Quadratic Programming Problem
- Conjunctive Normal Form
© 2009 IFIP International Federation for Information Processing
Cite this paper
Lowalekar, M., Tiwari, R.K., Karlapalem, K. (2009). Security Policy Satisfiability and Failure Resilience in Workflows. In: Matyáš, V., Fischer-Hübner, S., Cvrček, D., Švenda, P. (eds) The Future of Identity in the Information Society. Privacy and Identity 2008. IFIP Advances in Information and Communication Technology, vol 298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03315-5_15
DOI: https://doi.org/10.1007/978-3-642-03315-5_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03314-8
Online ISBN: 978-3-642-03315-5
eBook Packages: Computer Science, Computer Science (R0)