Andrews, Kevin and Steinau, Sebastian and Reichert, Manfred (2017) Enabling Fine-grained Access Control in Flexible Distributed Object-aware Process Management Systems. In: 21st IEEE International Enterprise Distributed Object Computing Conference (EDOC 2017), October 10-13, 2017, Québec City.
![[thumbnail of ASR_ED_17.pdf]](http://dbis.eprints.uni-ulm.de/style/images/fileicons/application_pdf.png)
PDF
- Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (1MB)
Abstract
To increase flexibility, object-aware process management systems enable data-driven process execution and dynamic generation of form-based tasks at run-time. Therefore, a powerful access control concept becomes necessary to define which data elements users may read or write at a given point in time during process execution. The access control concept we present in this paper has been realized in the context of the PHILharmonicFlows framework, which provides a distributed data-driven process execution engine. We present solutions that allow for complex as well as fine-grained permissions and roles, which are granted depending on the states of processes and data elements. We show how one can resolve authorization queries in real-time over multiple business objects and process instances. This constitutes a significant advantage over centralized access control systems.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Uncontrolled Keywords: | access control, authorization, permissions, roles, process management, scalability, PHILharmonicFlows |
| Subjects: | DBIS Research > Publications |
| Divisions: | Faculty of Engineering, Electronics and Computer Science > Institute of Databases and Informations Systems > DBIS Research and Teaching > DBIS Research > Publications |
| Depositing User: | Herr Andrews Kevin |
| Date Deposited: | 11 Aug 2017 11:09 |
| Last Modified: | 12 Mar 2020 23:16 |
| URI: | http://dbis.eprints.uni-ulm.de/id/eprint/1544 |
Actions (login required)
- View Item