Affiliation:
1. Deutsches Forschungszentrum für Künstliche Intelligenz, Bremen
Abstract
Abstract
Workflow management plays an important role in analyzing and automating business processes.
Security requirements in workflow management systems are typically mapped to (role-based) access control configurations.
This paper focuses on information flow control, taking into account implicit information leaks.
The presented approach operates on a specification level in which no executable program is available yet.
We illustrate the modeling of a workflow management system as a composition of state-event systems, each representing one of the activities of the workflow. This facilitates distributed deployment and eases verification by splitting up the verification of the overall system into verification of the individual components. Confidentiality requirements are
modeled in terms of information flow predicates using the MAKS framework and verified following
existing decomposition methodologies, which are adapted for open systems with ongoing user
interaction.
We discuss the interaction with other security requirements, notably separation of duty.
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献