ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2017, Vol. 54 ›› Issue (10): 2404-2418.doi: 10.7544/issn1000-1239.2017.20170397

Previous Articles    

Compliance Analysis of Authorization Constraints in Business Process

Bo Yang1,2, Xia Chunhe1,2,3   

  1. 1(Beijing Key Laboratory of Network Technology (Beihang University), Beijing 100191); 2(School of Computer Science and Engineering, Beihang University, Beijing 100191); 3(College of Computer Science and Information Technology, Guangxi Normal University, Guilin, Guangxi 510004)
  • Online:2017-10-01

Abstract: A novel framework of business process compliance analysis is proposed in this paper, and the proposed framework can process 1)business process authorization and non-business process authorization; 2)delegation of task of business processes; 3)inheritance of roles; 4)separation of duty and binding of duty constraints; 5)statics constraints and dynamic constraints. Authorization graph is proposed to describe the framework, and construct and reduce methods of authorization graph are designed to maintain the graph, then compliance analysis algorithms of authorization graph are proposed. Based on the analysis results, conflict patterns are presented. A set of resolutions for each pattern are provided, and a prototype system is implemented. The framework of authorization constraint compliance analysis, independent of platform, can be widely applied to system security analyzing. The effectiveness of the proposed method is reported by a case study and experiments at the end of this paper.

Key words: business process, authorization constraints, compliance, separation of duty, binding of duty, task delegation

CLC Number: