Sigrid Schefer-Wenzl
Vienna University of Economics and Business
Publication
Featured research published by Sigrid Schefer-Wenzl.
2012 Third FTRA International Conference on Mobile, Ubiquitous, and Intelligent Computing | 2012
Sigrid Schefer-Wenzl; Mark Strembeck
With ubiquitous computing technologies, business processes become more mobile and distributed and are executed in varying contexts. Context-aware access control mechanisms are an important prerequisite to protect sensitive data and services in secure ubiquitous computing environments. In an IT-supported workflow, process-related context constraints are a means to consider context information in access control decisions. A context constraint specifies that certain conditions must be fulfilled to permit the execution of a particular task. However, standard process modeling languages do not support the notion of context constraints in business processes. In this paper, we integrate context constraints with process-related role-based access control (RBAC) models and thereby support context-dependent task execution.
International Journal of Wireless and Mobile Computing | 2013
Sigrid Schefer-Wenzl; Mark Strembeck
In a mobile computing environment, distributed business processes are executed in varying contexts. Context-aware access control mechanisms help to protect sensitive data and services in mobile application scenarios. Context constraints are a means to consider context information in access control decisions. In this paper, we integrate context constraints with process-related role-based access control (RBAC) to support the secure and context-dependent task execution. In particular, we specify a formal metamodel for process-related and context-aware RBAC models. Subsequently, we define a domain-specific extension for UML Activity diagrams that enables the integrated modelling of context constraints and business processes. In addition, we implemented a software platform that enables the specification and enforcement of process-related context-aware RBAC policies.
Business Information Systems | 2012
Sigrid Schefer-Wenzl; Mark Strembeck; Anne Baumgrass
Delegation is an important concept to increase flexibility in authorization and obligation management. Due to the complexity of potential delegation relations, there is a strong need to systematically check the consistency of all delegation assignments. In this paper, we discuss the detection of delegation conflicts based on the formal definitions of a model that supports the delegation of roles, tasks, and duties in a business process context.
Computer Software and Applications Conference | 2012
Anne Baumgrass; Sigrid Schefer-Wenzl; Mark Strembeck
In a business process context, access permissions grant the rights to perform certain tasks. In particular, process-related role-based access control (RBAC) models define RBAC policies for process-aware information systems (PAIS). In addition, process-related RBAC models allow for the definition of entailment constraints on tasks, such as mutual exclusion or binding constraints, for example. This paper presents an approach to derive process-related RBAC models from process execution histories recorded by a PAIS. In particular, we present algorithms to derive corresponding RBAC artifacts and entailment constraints from standardized XML-based log files. All algorithms presented in this paper have been implemented and were tested via process logs created with CPN Tools.
The Practice of Enterprise Modeling | 2013
Maria Leitner; Sigrid Schefer-Wenzl; Stefanie Rinderle-Ma; Mark Strembeck
In recent years, business process models are used to define security properties for the corresponding business information systems. In this context, a number of approaches emerged that integrate security properties into standard process modeling languages. Often, these security properties are depicted as text annotations or graphical extensions. However, because the symbols of process-related security properties are not standardized, different issues concerning the comprehensibility and maintenance of the respective models arise. In this paper, we present the initial results of an experimental study on the design and modeling of 11 security concepts in a business process context. In particular, we center on the semantic transparency of the visual symbols that are intended to represent the different concepts (i.e. the one-to-one correspondence between the symbol and its meaning). Our evaluation showed that various symbols exist which are well-perceived. However, further studies are necessary to dissolve a number of remaining issues.
Business Process Management | 2012
Maria Leitner; Anne Baumgrass; Sigrid Schefer-Wenzl; Stefanie Rinderle-Ma; Mark Strembeck
Role-based access control (RBAC) is commonly used to implement authorization procedures in process-aware information systems (PAIS). Process mining refers to a bundle of algorithms that typically discover process models from event log data produced during the execution of real-world processes. Beyond pure control flow mining, some techniques focus on the discovery of organizational information from event logs. However, a systematic analysis and comparison of these approaches with respect to their suitability for mining RBAC models is still missing. This paper works towards filling this gap and provides a first guidance for applying mining techniques for deriving RBAC models.
Information & Software Technology | 2014
Sigrid Schefer-Wenzl; Mark Strembeck
Context: In many organizational environments critical tasks exist which - in exceptional cases such as an emergency - must be performed by a subject although he/she is usually not authorized to perform these tasks. Break-glass policies have been introduced as a sophisticated exception handling mechanism to resolve such situations. They enable certain subjects to break or override the standard access control policies of an information system in a controlled manner. Objective: In the context of business process modeling a number of approaches exist that allow for the formal specification and modeling of process-related access control concepts. However, corresponding support for break-glass policies is still missing. In this paper, we aim at specifying a break-glass extension for process-related role-based access control (RBAC) models. Method: We use model-driven development (MDD) techniques to provide an integrated, tool-supported approach for the definition and enforcement of break-glass policies in process-aware information systems. In particular, we provide modeling support on the computation independent model (CIM) layer as well as on the platform independent model (PIM) and platform specific model (PSM) layers. Results: Our approach is generic in the sense that it can be used to extend process-aware information systems or process modeling languages with support for process-related RBAC and corresponding break-glass policies. Based on the formal CIM layer metamodel, we present a UML extension on the PIM layer that allows for the integrated modeling of processes and process-related break-glass policies via extended UML Activity diagrams. We evaluated our approach in a case study on real-world processes. Moreover, we implemented our approach at the PSM layer as an extension to the BusinessActivity library and runtime engine. Conclusion: Our integrated modeling approach for process-related break-glass policies allows for specifying break-glass rules in process-aware information systems.
ACM Symposium on Applied Computing | 2013
Sigrid Schefer-Wenzl; Mark Strembeck
We present a break-glass extension for process-related role-based access control (RBAC) models. Our extension ensures the static (design-time) and dynamic (runtime) consistency of corresponding break-glass models. The extension is generic in the sense that it can, in principle, be used to extend arbitrary process-aware information systems or process modeling languages with support for process-related RBAC and corresponding break-glass policies. We implemented a library and runtime engine that provides full platform support for all properties of our approach.
Business Information Systems | 2014
Sigrid Schefer-Wenzl; Helena Bukvova; Mark Strembeck
Access control models provide important means for the systematic specification and management of the permissions in a business information system. While there are many well-known access control models (e.g., RBAC), standard access control models are often not suited for handling exceptional situations. The demand to increase the flexibility of access management has been approached mainly via the development of delegation models and break-glass models. This paper presents the results of a literature review of 329 delegation and break-glass approaches. We give an overview on the existing body of scientific literature in these two areas and compare 35 selected approaches in detail. We reveal different ways of providing delegation and break-glass concepts in general as well as in the context of business process management. Moreover, we identify different sub-topics that have not yet been addressed in detail and thus provide opportunities for future research.
Emisa Forum | 2012
Sigrid Schefer-Wenzl; Mark Strembeck