Skip to main content
SpringerLink
Log in

Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context

  • Conference paper
On the Move to Meaningful Internet Systems: OTM 2011 (OTM 2011)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 7044))

Abstract

Mutual exclusion and binding constraints are important means to define which combinations of subjects and roles can be assigned to the tasks that are included in a business process. Due to the combinatorial complexity of potential role-to-subject and task-to-role assignments, there is a strong need to systematically check the consistency of a given set of constraints. In this paper, we discuss the detection of consistency conflicts and provide resolution strategies for the corresponding conflicts.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ahn, G., Sandhu, R.: Role-based Authorization Constraints Specification. ACM Transactions on Information and System Security (TISSEC) 3(4) (November 2000)

    Google Scholar 

  2. Baliosian, J., Serrat, J.: Finite State Transducers for Policy Evaluation and Conflict Resolution. In: Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (June 2004)

    Google Scholar 

  3. Bertino, E., Ferrari, E., Atluri, V.: The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information and System Security (TISSEC) 2(1) (1999)

    Google Scholar 

  4. Botha, R.A., Eloff, J.H.: Separation of duties for access control enforcement in workflow environments. IBM Systems Journal 40(3) (2001)

    Google Scholar 

  5. Casati, F., Castano, S., Fugini, M.: Managing Workflow Authorization Constraints through Active Database Technology. Information Systems Frontiers 3(3) (2001)

    Google Scholar 

  6. Ferraiolo, D., Barkley, J., Kuhn, D.: A Role-Based Access Control Model and Reference Implementation within a Corporate Intranet. ACM Transactions on Information and System Security (TISSEC) 2(1) (February 1999)

    Google Scholar 

  7. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control, 2nd edn. Artech House (2007)

    Google Scholar 

  8. Jaeger, T., Sailer, R., Zhang, X.: Resolving constraint conflicts. In: Proc. of the Ninth ACM Symposium on Access Control Models and Technologies, SACMAT (2004)

    Google Scholar 

  9. Moffett, J.D., Sloman, M.S.: Policy Hierarchies for Distributed Systems Management. IEEE Journal on Selected Areas in Communications 11(9) (1993)

    Google Scholar 

  10. Moffett, J.D., Sloman, M.S.: Policy Conflict Analysis in Distributed System Management. Journal of Organizational Computing 4(1) (1994)

    Google Scholar 

  11. Feinstein, H., Sandhu, R., Coyne, E., Youman, C.: Role-based access control models. IEEE Computer 29(2) (1996)

    Google Scholar 

  12. Schaad, A.: Detecting Conflicts in a Role-Based Delegation Model. In: Proceedings of the 17th Annual Computer Security Applications Conference, ACSAC (December 2001)

    Google Scholar 

  13. Sloman, M.S.: Policy Driven Management for Distributed Systems. Journal of Network and Systems Management 2(4) (1994)

    Google Scholar 

  14. Strembeck, M., Mendling, J.: Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context. In: Meersman, R., Dillon, T.S., Herrero, P. (eds.) OTM 2010. LNCS, vol. 6426, pp. 204–221. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Strembeck, M., Mendling, J.: Modeling Process-related RBAC Models with Extended UML Activity Models. Information and Software Technology 53(5) (2011)

    Google Scholar 

  16. Tan, K., Crampton, J., Gunter, C.A.: The Consistency of Task-Based Authorization Constraints in Workflow Systems. In: Proceedings of the 17th IEEE workshop on Computer Security Foundations (June 2004)

    Google Scholar 

  17. Wainer, J., Barthelmess, P., Kumar, A.: W-RBAC - A workflow security model incorporating controlled overriding of constraints. International Journal of Cooperative Information Systems (IJCIS) 12(4) (2003)

    Google Scholar 

  18. Wang, H., Sun, L., Varadharajan, V.: Purpose-based access control policies and conflicting analysis. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds.) SEC 2010. IFIP AICT, vol. 330, pp. 217–228. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  19. Warner, J., Atluri, V.: Inter-instance authorization constraints for secure workflow management. In: Proc. of the Eleventh ACM Symposium on Access Control Models and Technologies, SACMAT (June 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Information Systems, New Media Lab, Vienna University of Economics and Business (WU Vienna), Austria

    Sigrid Schefer, Mark Strembeck & Anne Baumgrass

  2. Institute for Information Business, Vienna University of Economics and Business (WU Vienna), Austria

    Jan Mendling

Authors
  1. Sigrid Schefer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mark Strembeck
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jan Mendling
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Anne Baumgrass
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. STAR Lab, Vrije Universiteit Brussel (VUB), Bldg G/10, Pleinlaan 2, 1050, Brussel, Belgium

    Robert Meersman

  2. DEBII, Curtin University of Technology, Technology Park, De Laeter Way, 6102, Bentley, WA, Australia

    Tharam Dillon

  3. Facultad de Informática, Universidad Politécnica de Madrid, Campus de Montegancedo S/N, 28660, Boadilla del Monte, Madrid, Spain

    Pilar Herrero

  4. Smeal College of Business, Pennsylvania State University, University Park, PA 16802, U.S.A.

    Akhil Kumar

  5. Institute of Databases and Information Systems, Ulm University, Germany

    Manfred Reichert

  6. City University of Hong Kong, Hong Kong

    Li Qing

  7. National University of Singapore (NUS), Singapore

    Beng-Chin Ooi

  8. Dipartemento Tecnologie dell’Informazione, Universitá degli Studi di Milano, Via Bramante 65, 26013, Crema, Italy

    Ernesto Damiani

  9. VU Station B #1829, Vanderbilt University, 2015 Terrace Place, TN 37203, Nashville, USA

    Douglas C. Schmidt

  10. Virginia Tech, 24060, Blacksburg, VA, USA

    Jules White

  11. Digital Enterprise Research Institute (DERI), National University of Ireland, IDA Business Park, Lower Dangan, Galway, Ireland

    Manfred Hauswirth

  12. Kno.e.sis Center, Wright State University, Dayton, Ohio, USA

    Pascal Hitzler

  13. IBM India Research Lab, 4, Block C, Institutional Area, Vasant Kunj, 110 070, New Delhi, India

    Mukesh Mohania

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Schefer, S., Strembeck, M., Mendling, J., Baumgrass, A. (2011). Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context. In: Meersman, R., et al. On the Move to Meaningful Internet Systems: OTM 2011. OTM 2011. Lecture Notes in Computer Science, vol 7044. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25109-2_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25109-2_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25108-5

  • Online ISBN: 978-3-642-25109-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation