PASOAC-Net: A Petri-Net Model to Manage Authorization in Service-Based Business Process

Sun, Haiyang; Zhao, Weiliang; Nepal, Surya

doi:10.1007/978-3-642-34321-6_41

Haiyang Sun²⁰,
Weiliang Zhao²¹ &
Surya Nepal²²

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 7636))

Included in the following conference series:

International Conference on Service-Oriented Computing

2289 Accesses

Abstract

A successful execution of a Business Process (BP) is possible only if the proper coordination exists between (1) BP’s execution policy, (2) BP’s authorization policy, and (3) the authorization policies of BP’s resources. Hence, there is a need of an effective authorization model that brings all types of policies together for a BP executing successfully without breaking any authorization and business rules. This paper proposes a Petri-Net process model, Process-Aware Service-Oriented Authorization Control Net (PASOAC-Net). PASOAC-Net is developed based on the conceptual model PASOAC, an extension of Role Based Access Control (RBAC), which takes both resources and users into account. A set of authorization constraints is designed in PASOAC to coordinate the user access and the resource support in a process environment.

Download to read the full chapter text

Chapter PDF

Process Driven Access Control and Authorization Approach

Using Coloured Petri Nets for Resource Analysis of Active Objects

Behavioral Analysis of Service Composition Patterns in ECBS Using Petri-Net-Based Approach

Keywords

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

Sandhu, R.S., Coyne, E., Feinstein, H., Youman, C.: Role-based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Article Google Scholar
Ahn, G., Sandhu, R.: Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security (TISSEC) 3(4), 207–226 (2000)
Article Google Scholar
Ferraiolo, D., Sandhu, R., et al.: Proposed NIST Standard for Role-Based Access Control. TISSEC 4(3), 224–274 (2001)
Article Google Scholar
Atluri, V., Huang, W.-K.: An Authorization Model for Workflows. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 44–64. Springer, Heidelberg (1996)
Chapter Google Scholar
Tan, K., Crampton, J., Gunter, C.A.: The consistency of task-based authorization constraints in workflow. In: IEEE Workshop of Comp. Security Foundations (2004)
Google Scholar
Wonohoesodo, R., Tari, Z.: A Role Based Access Control for Web Services. In: Proceedings of SCC, pp. 49–56 (2004)
Google Scholar
Fischer, J., Majumdar, R.: A Theorey of Role Composition. In: Proceedings of ICWS, pp. 49–56 (2008)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computing, Macquarie University, Sydney, Australia
Haiyang Sun
Faculty of Engineering, University of Wollongong, Wollongong, Australia
Weiliang Zhao
CSIRO ICT Centre, Sydney, Australia
Surya Nepal

Authors

Haiyang Sun
View author publications
You can also search for this author in PubMed Google Scholar
Weiliang Zhao
View author publications
You can also search for this author in PubMed Google Scholar
Surya Nepal
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Faculty of ICT, Swinburne University of Technology, John Street, 3122, Hawthorn, VIC, Australia
Chengfei Liu
IBM Almaden Research Center, 650 Harry Road, 95120, San Jose, CA, USA
Heiko Ludwig
LIMOS - UMR 6158, Blaise Pascal University, Complexe scientifique des Cézeaux, 63177, Aubiere, France
Farouk Toumani
College of Computing and Information Sciences, Rochester Institute of Technology, 1 Lomb Memorial Drive, 14623, Rochester, NY, USA
Qi Yu

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sun, H., Zhao, W., Nepal, S. (2012). PASOAC-Net: A Petri-Net Model to Manage Authorization in Service-Based Business Process. In: Liu, C., Ludwig, H., Toumani, F., Yu, Q. (eds) Service-Oriented Computing. ICSOC 2012. Lecture Notes in Computer Science, vol 7636. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34321-6_41

Download citation

DOI: https://doi.org/10.1007/978-3-642-34321-6_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34320-9
Online ISBN: 978-3-642-34321-6
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics