%0 Conference Proceedings
%T Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios
%+ Fondazione Bruno Kessler [Trento, Italy] (FBK)
%+ SAP Labs France
%+ Università degli Studi di Trento =  University of Trento (UNITN)
%A Santos, Daniel
%A Ranise, Silvio
%A Compagna, Luca
%A Ponta, Serena, E.
%Z Part 2: Access Control and Authorization
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 29th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC)
%C Fairfax, VA, United States
%Y Pierangela Samarati
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXIX
%V LNCS-9149
%P 85-100
%8 2015-07-13
%D 2015
%R 10.1007/978-3-319-20810-7_6
%Z Computer Science [cs]Conference papers
%X To support the re-use of business process models, an emerging trend in Business Process Management, it is crucial to assist customers during deployment. We study how to do this for an important class of business processes, called security-sensitive workflows, in which execution constraints on the tasks are complemented with authorization constraints (e.g., Separation of Duty) and authorization policies (constraining which users can execute which tasks). We identify the capability of solving Scenario Finding Problems (SFPs), i.e. finding concrete execution scenarios, as crucial in supporting the re-use of security-sensitive workflows. Solutions of SFPs provide evidence that the business process model can be successfully executed under the policy adopted by the customer. We present a technique for solving two SFPs and validate it on real-world business process models taken from an on-line library.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01745831/document
%2 https://inria.hal.science/hal-01745831/file/340025_1_En_6_Chapter.pdf
%L hal-01745831
%U https://inria.hal.science/hal-01745831
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-9149