Introducing Security Access Control Policies into Legacy Business Processes

Fáber Danilo Giraldo Velásquez 1 Mireille Blay-Fornarino 2 Sébastien Mosser 3
2 Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe MODALIS
SPARKS - Scalable and Pervasive softwARe and Knowledge Systems
3 ADAM - Adaptive Distributed Applications and Middleware
LIFL - Laboratoire d'Informatique Fondamentale de Lille, Inria Lille - Nord Europe
Abstract : Applying separation of concerns approaches into business process context generally results in several initiatives oriented to automatic generation of aspect code, generation of specific code according to the kind of concern (code for mapping roles and permissions derived from RBAC model for example), or proposition of new mechanisms as dedicated aspectual languages. Most of these initiatives only consider functional behaviours of business process, omitting special behaviours derived from quality attributes such as security, which can be modelled as concerns that must be supported in the business process. In this paper we propose the integration of cross-cuttings standardized control access policies (based on RBAC model and Oasis XACML) into legacy business processes, using a separation of concerns approach.
Type de document :
Communication dans un congrès
Fifteenth International Enterprise Distributed Object Computing Conference (EDOC'11), short paper, Aug 2011, Helsinki, Finland. IEEE, pp.42-49, 2011
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-00594845
Contributeur : Lionel Seinturier <>
Soumis le : samedi 21 mai 2011 - 10:22:36
Dernière modification le : vendredi 26 février 2016 - 01:08:59
Document(s) archivé(s) le : dimanche 4 décembre 2016 - 02:51:34

Fichier

edoc_2011.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00594845, version 1

Collections

Citation

Fáber Danilo Giraldo Velásquez, Mireille Blay-Fornarino, Sébastien Mosser. Introducing Security Access Control Policies into Legacy Business Processes. Fifteenth International Enterprise Distributed Object Computing Conference (EDOC'11), short paper, Aug 2011, Helsinki, Finland. IEEE, pp.42-49, 2011. <hal-00594845>

Partager

Métriques

Consultations de
la notice

202

Téléchargements du document

214