Andrews, Kevin and Steinau, Sebastian and Reichert, Manfred (2017) Enabling Fine-grained Access Control in Flexible Distributed Object-aware Process Management Systems. In: 21st IEEE International Enterprise Distributed Object Computing Conference (EDOC 2017), October 10-13, 2017, Québec City.
Download (1MB)
Abstract
To increase flexibility, object-aware process management systems enable data-driven process execution and dynamic generation of form-based tasks at run-time. Therefore, a powerful access control concept becomes necessary to define which data elements users may read or write at a given point in time during process execution. The access control concept we present in this paper has been realized in the context of the PHILharmonicFlows framework, which provides a distributed data-driven process execution engine. We present solutions that allow for complex as well as fine-grained permissions and roles, which are granted depending on the states of processes and data elements. We show how one can resolve authorization queries in real-time over multiple business objects and process instances. This constitutes a significant advantage over centralized access control systems.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Uncontrolled Keywords: | access control, authorization, permissions, roles, process management, scalability, PHILharmonicFlows |
Subjects: | DBIS Research > Publications |
Divisions: | Faculty of Engineering, Electronics and Computer Science > Institute of Databases and Informations Systems > DBIS Research and Teaching > DBIS Research > Publications |
Depositing User: | Herr Andrews Kevin |
Date Deposited: | 11 Aug 2017 11:09 |
Last Modified: | 12 Mar 2020 23:16 |
URI: | http://dbis.eprints.uni-ulm.de/id/eprint/1544 |