Stephanie Teufel
University of Zurich
Publication
Featured research published by Stephanie Teufel.
information security | 1996
Ralph Holbein; Stephanie Teufel; Kurt Bauknecht
This paper introduces a security design method for information exchange in organisations. The method supports security authorities in the design of individual security models. An individual security model is a fully customised specification of access control information for information exchange within a particular business environment. We introduce transaction based business process models (BPMs) and utilise these models to specify need-to-know authorisations. Therefore, we allocate information from BPMs which can be transformed to access control information and derive a specification of an organisation’s individual security model. Our method provides transparency of security design because a security model is directly related to the business. Moreover, security effort and costs will be reduced because BPMs must not be specified for security reasons. BPMs are a result of management activities and therefore, existing resources from a security point of view.
european conference on computer supported cooperative work | 1995
Christian Sauter; Othmar Morger; Thomas Mühlherr; Andrew Hutchison; Stephanie Teufel
This paper presents the results of an empirical study into the current usage of groupware in strategic management and the potential of Computer Supported Cooperative Work (CSCW) for the top management in large-scale Swiss business enterprises. For this purpose we conducted a survey amongst 168 organisations.
Archive | 1995
Ralph Holbein; Stephanie Teufel
Information misuse is one of the major risks for information systems in organisations. Traditional approaches for authorisation and access control are insufficient because information misuse is primarily done by authorised people. These people have opportunity to access information even for unintended purposes. Role based access controls address this problem because access rights can be related to context descriptions (roles) and therefore, need-to-know access controls can be established. Need-to-know access controls define roles according to tasks in an organisation which represent intended purposes for information usage. Nonetheless, existing approaches for role based access controls do not ensure context authenticity during system operation, i.e. correspondence between activated roles and tasks within an organisation’s actual business. Context authenticity must be ensured when a user activates a role or requests context related access to a particular object. Therefore, a context authentication service must be integrated with role based access controls. In this paper we describe the functionality and service components of a context authentication service called CARDS (Context Authentication Service for Role Based Access Control in Distributed Systems).
information security | 1997
Ralph Holbein; Stephanie Teufel; O. Morger; K. Bauknecht
In this paper we present an access control system (ACS) that allows implementation as well as management of comprehensive need-to-know access control policies. The overall system is built around a role based ACS that has been extended by two additional components, namely a security design and a context authentication component, which allow the overall system to cohesively implement and manage need-to-know policies. The security design component systematically generates access control information that is appropriate to initialise the role based ACS according to the individual need-to-know within an organisation. The context authentication component, on the other hand, has been integrated with the access control decision facility of the role based ACS. It dynamically verifies if a need-to-know really exists at the particular point in time when users request access to information. Finally, we describe an application scenario that illustrates the benefits provided by our need-to-know ACS concerning privacy of patient data within a hospital environment.
Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX: status and prospects | 1996
Ralph Holbein; Stephanie Teufel; Kurt Bauknecht
This paper introduces a formal security design approach for information exchange in organisations. The formal approach provides for automation of a security design method which supports security authorities in the design of individual security models. An individual security model is a fully customised specification of access control information for information exchange within a particular business environment. We introduce transaction based business process models (BPM) and utilise these models for a formal transformation to “need-to-know” authorisations. Therefore, we allocate information from BPMs which can be transformed to access control information and derive a specification of an organisation’s individual security model. Our approach provides transparency of security design because the design method ensures that a security model is directly related to the business. Moreover, security effort and costs will be reduced because BPMs must not be specified for security reasons and security design can be automated. BPMs are a result of management activities and therefore, existing resources from a security point of view.
Archive | 1996
Stephanie Teufel
Whether goals in organisations are achieved depends in many cases on cooperative task fulfilment. The tools used for this cooperation substantially influence the effectiveness and efficiency of business processes and thus the performance of the entire organisation. Workplaces today are equipped with computers that are increasingly also networked with one another. In combination with innovative software applications, this hardware infrastructure can support cooperating persons in carrying out their activities, or even make the desired collaboration possible in the first place (groupware). Goal-directed task fulfilment requires communication and coordination as well as cooperation. Support for this can be offered on the one hand by bridging spatial and temporal distances, and on the other hand by aids for the management of processes based on division of labour. In addition, the increasing dynamism of the economic environment confronts companies with the challenge of creating flexible organisational structures. In this context, the assessment is gaining importance that the benefit of traditional rationalisation concepts, such as the principles of division of labour and specialisation, is limited.
database and expert systems applications | 1997
O. Morger; Ulrich Nitsche; Stephanie Teufel
We study the mutually restricting problems of permanent availability and legally demanded security of patient data in clinical information systems. Inefficiencies in today's clinical information management call for an integrated technological support for hospitals. In particular, client/server solutions offer the flexibility and spatial independence appreciated in health care. On the other hand, mobile client applications having access from nearly everywhere in a hospital to servers containing sensitive data arouse severe security problems. Additionally, the need for 24 hours per day and 7 days per week availability of patient data in hospital-run information systems defines a conflicting border condition. We present a proposed approach developed in the Swiss National Science Foundation project MobiMed to support clinical processes technologically, including access control which is compatible with security mechanisms as well as everyday practical work considerations in clinical environments.
database and expert systems applications | 1995
Stephanie Teufel; Jan H. P. Eloff; Kurt Bauknecht; Dimitris Karagiannis
With this paper we introduce information security aspects and concepts to the field of Computer Supported Cooperative Work (CSCW). Starting from a functional view of CSCW technology and the definition of the relevant security areas we outline a catalogue of security criteria which should be fulfilled by CSCW applications in order to increase the acceptance and reliability of such systems. Classical information security criteria such as confidentiality are adapted to the specific security requirements of CSCW applications and new security criteria being specific to CSCW applications are presented. Furthermore, we propose how to map CSCW artefacts (such as collaborative writing) onto security criteria.
database and expert systems applications | 2003
Thomas Schlienger; Stephanie Teufel
information security | 2002
Thomas Schlienger; Stephanie Teufel