Enabling Fine-grained Access Control in Flexible Distributed Object-aware Process Management Systems

Andrews, Kevin and Steinau, Sebastian and Reichert, Manfred (2017) Enabling Fine-grained Access Control in Flexible Distributed Object-aware Process Management Systems. In: 21st IEEE International Enterprise Distributed Object Computing Conference (EDOC 2017), October 10-13, 2017, Québec City.

[thumbnail of ASR_ED_17.pdf] PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (1MB)

Abstract

To increase flexibility, object-aware process management systems enable data-driven process execution and dynamic generation of form-based tasks at run-time. Therefore, a powerful access control concept becomes necessary to define which data elements users may read or write at a given point in time during process execution. The access control concept we present in this paper has been realized in the context of the PHILharmonicFlows framework, which provides a distributed data-driven process execution engine. We present solutions that allow for complex as well as fine-grained permissions and roles, which are granted depending on the states of processes and data elements. We show how one can resolve authorization queries in real-time over multiple business objects and process instances. This constitutes a significant advantage over centralized access control systems.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: access control, authorization, permissions, roles, process management, scalability, PHILharmonicFlows
Subjects: DBIS Research > Publications
Divisions: Faculty of Engineering, Electronics and Computer Science > Institute of Databases and Informations Systems > DBIS Research and Teaching > DBIS Research > Publications
Depositing User: Herr Andrews Kevin
Date Deposited: 11 Aug 2017 11:09
Last Modified: 12 Mar 2020 23:16
URI: http://dbis.eprints.uni-ulm.de/id/eprint/1544

Actions (login required)

View Item
View Item