Compliance Analysis of Authorization Constraints in Business Process

Bo Yang; Xia Chunhe

doi:10.7544/issn1000-1239.2017.20170397

Journal of Computer Research and Development > 2017 > 54(10): 2404-2418. > DOI: 10.7544/issn1000-1239.2017.20170397 CSTR: 32373.14.issn1000-1239.2017.20170397

Bo Yang, Xia Chunhe. Compliance Analysis of Authorization Constraints in Business Process[J]. Journal of Computer Research and Development, 2017, 54(10): 2404-2418. DOI: 10.7544/issn1000-1239.2017.20170397

Citation:

PDF (3680 KB)

Compliance Analysis of Authorization Constraints in Business Process

Bo Yang^1,2,
Xia Chunhe^1,2,3

¹(Beijing Key Laboratory of Network Technology (Beihang University), Beijing 100191)
²(School of Computer Science and Engineering, Beihang University, Beijing 100191)
³(College of Computer Science and Information Technology, Guangxi Normal University, Guilin, Guangxi 510004)

More Information

Published Date: September 30, 2017

Graphical Abstract

Abstract

Abstract

A novel framework of business process compliance analysis is proposed in this paper, and the proposed framework can process 1)business process authorization and non-business process authorization; 2)delegation of task of business processes; 3)inheritance of roles; 4)separation of duty and binding of duty constraints; 5)statics constraints and dynamic constraints. Authorization graph is proposed to describe the framework, and construct and reduce methods of authorization graph are designed to maintain the graph, then compliance analysis algorithms of authorization graph are proposed. Based on the analysis results, conflict patterns are presented. A set of resolutions for each pattern are provided, and a prototype system is implemented. The framework of authorization constraint compliance analysis, independent of platform, can be widely applied to system security analyzing. The effectiveness of the proposed method is reported by a case study and experiments at the end of this paper.
- business process,
- authorization constraints,
- compliance,
- separation of duty,
- binding of duty,
- task delegation

FullText(HTML)

References (0)

[1]	Zhang Zhongya, Wu Wenling, Zou Jian. Quantum Differential Collision Key Recovery Attack of Multi-Round EM Structure[J]. Journal of Computer Research and Development, 2021, 58(12): 2811-2818. DOI: 10.7544/issn1000-1239.2021.20200427
[2]	Zhang Yukun, Yuan Xiao. Quantum Error Mitigation: A Review[J]. Journal of Computer Research and Development, 2021, 58(9): 1843-1855. DOI: 10.7544/issn1000-1239.2021.20210367
[3]	Li Zichen, Xie Ting, Zhang Juanmei, Xu Ronghua. Post Quantum Authenticated Key Exchange Protocol Based on Ring Learning with Errors Problem[J]. Journal of Computer Research and Development, 2019, 56(12): 2694-2701. DOI: 10.7544/issn1000-1239.2019.20180874
[4]	Wang Tiefeng, Cai Ying, Zhang Yujie. Reputation-Based Defense Scheme Against Pollution Attacks on Network Coding[J]. Journal of Computer Research and Development, 2016, 53(11): 2491-2499. DOI: 10.7544/issn1000-1239.2016.20150502
[5]	Yue Daheng, Qi Shubo, Li Shaoqing, and Zhang Minxuan. A DPA Resistant Technology Based on Register Switching Time Randomization[J]. Journal of Computer Research and Development, 2012, 49(3): 491-498.
[6]	Hu Jianli, Zhou Bin, Wu Quanyuan, Li Xiaohua. A Reputation Based Attack-Resistant Distributed Trust Management Model for P2P Networks[J]. Journal of Computer Research and Development, 2011, 48(12): 2235-2241.
[7]	Tong Yuanman, Wang Zhiying, Dai Kui, and Lu Hongyi. Quantitative Evaluation of the Cryptographic Block’s Resistibility to Power Analysis Attack at Different Design Level[J]. Journal of Computer Research and Development, 2009, 46(6): 940-947.
[8]	Tong Yuanman, Wang Zhiying, Dai Kui, and Lu Hongyi. A DPA and HO-DPA Resistant Implementation of AES[J]. Journal of Computer Research and Development, 2009, 46(3): 377-383.
[9]	Lou Oujun, Wang Xianghai, Wang Zhengxuan. Research on Quantization-Based Robust Video Watermarking Technique Against Geometrical Attacks[J]. Journal of Computer Research and Development, 2007, 44(7): 1211-1218.
[10]	Zhao Jia, Zeng Xiaoyang, Han Jun, Wang Jing, and Chen Jun. VLSI Implementation of an AES Algorithm Resistant to Differential Power Analysis Attack[J]. Journal of Computer Research and Development, 2007, 44(3).