한국정보시스템학회지:정보시스템연구 (The Journal of Information Systems)
- 제14권3호
- /
- Pages.1-8
- /
- 2005
- /
- 1229-8476(pISSN)
- /
- 2733-8770(eISSN)
A Role-driven Security and Access Control Model for Secured Business Process Management Systems
- Won Jae-Kang (Collaboration Technology Research Lab.) ;
- Kim Kwang-Hoon (Department of Computer Science KYONGGI UNIVERSITY)
- 발행 : 2005.12.01
초록
This paper formally defines a role-driven security and access control model of a business process in order eventually to provide a theoretical basis for realizing the secured business process management systems. That is, we propose a graphical representation and formal description of the mechanism that generates a set of role-driven security and access control models from a business process modeled by the information control net(ICN) modeling methodology that is a typical business process modeling approach for defining and specifying business processes. Based upon the mechanism, we are able to design and accomplish a secured business process management system that provides an unified resource access control mechanism of the business process management engine domain's and the application domain's. Finally, we strongly believe that the secured access control policies from the role-driven security and access control model can be easily transformed into the RBAC(Role-based Access Control) model that is a standardized security technology for computer and communications systems of commercial and civilian government organizations.
키워드