Compliance Analysis of Authorization Constraints in Business Process

Bo Yang; Xia Chunhe

doi:10.7544/issn1000-1239.2017.20170397

Journal of Computer Research and Development > 2017 > 54(10): 2404-2418. > DOI: 10.7544/issn1000-1239.2017.20170397 CSTR: 32373.14.issn1000-1239.2017.20170397

Bo Yang, Xia Chunhe. Compliance Analysis of Authorization Constraints in Business Process[J]. Journal of Computer Research and Development, 2017, 54(10): 2404-2418. DOI: 10.7544/issn1000-1239.2017.20170397

Citation:

PDF (3680 KB)

Compliance Analysis of Authorization Constraints in Business Process

Bo Yang^1,2,
Xia Chunhe^1,2,3

¹(Beijing Key Laboratory of Network Technology (Beihang University), Beijing 100191)
²(School of Computer Science and Engineering, Beihang University, Beijing 100191)
³(College of Computer Science and Information Technology, Guangxi Normal University, Guilin, Guangxi 510004)

More Information

Published Date: September 30, 2017

Graphical Abstract

Abstract

Abstract

A novel framework of business process compliance analysis is proposed in this paper, and the proposed framework can process 1)business process authorization and non-business process authorization; 2)delegation of task of business processes; 3)inheritance of roles; 4)separation of duty and binding of duty constraints; 5)statics constraints and dynamic constraints. Authorization graph is proposed to describe the framework, and construct and reduce methods of authorization graph are designed to maintain the graph, then compliance analysis algorithms of authorization graph are proposed. Based on the analysis results, conflict patterns are presented. A set of resolutions for each pattern are provided, and a prototype system is implemented. The framework of authorization constraint compliance analysis, independent of platform, can be widely applied to system security analyzing. The effectiveness of the proposed method is reported by a case study and experiments at the end of this paper.
- business process,
- authorization constraints,
- compliance,
- separation of duty,
- binding of duty,
- task delegation

FullText(HTML)

References (0)

[1]	Cheng Haodong, Han Meng, Zhang Ni, Li Xiaojuan, Wang Le. Closed High Utility Itemsets Mining over Data Stream Based on Sliding Window Model[J]. Journal of Computer Research and Development, 2021, 58(11): 2500-2514. DOI: 10.7544/issn1000-1239.2021.20200554
[2]	Zhang Xiaojian, Wang Miao, Meng Xiaofeng. An Accurate Method for Mining top-k Frequent Pattern Under Differential Privacy[J]. Journal of Computer Research and Development, 2014, 51(1): 104-114.
[3]	Lei Xiangxin, Yang Zhiying, Huang Shaoyin, Hu Yunfa. Mining Frequent Subtree on Paging XML Data Stream[J]. Journal of Computer Research and Development, 2012, 49(9): 1926-1936.
[4]	Liao Guoqiong, Wu Lingqin, Wan Changxuan. Frequent Patterns Mining over Uncertain Data Streams Based on Probability Decay Window Model[J]. Journal of Computer Research and Development, 2012, 49(5): 1105-1115.
[5]	Zhu Ranwei, Wang Peng, and Liu Majin. Algorithm Based on Counting for Mining Frequent Items over Data Stream[J]. Journal of Computer Research and Development, 2011, 48(10): 1803-1811.
[6]	Tong Yongxin, Zhang Yuanyuan, Yuan Mei, Ma Shilong, Yu Dan, Zhao Li. An Efficient Algorithm for Mining Compressed Sequential Patterns[J]. Journal of Computer Research and Development, 2010, 47(1): 72-80.
[7]	Liu Xuejun, Xu Hongbing, Dong Yisheng, Qian Jiangbo, Wang Yongli. Mining Frequent Closed Patterns from a Sliding Window over Data Streams[J]. Journal of Computer Research and Development, 2006, 43(10): 1738-1743.
[8]	Liu Xuejun, Xu Hongbing, Dong Yisheng, Wang Yongli, Qian Jiangbo. Mining Frequent Patterns in Data Streams[J]. Journal of Computer Research and Development, 2005, 42(12): 2192-2198.
[9]	Ma Haibing, Zhang Chenghong, Zhang Jin, and Hu Yunfa. Mining Frequent Patterns Based on IS\++-Tree Model[J]. Journal of Computer Research and Development, 2005, 42(4): 588-593.
[10]	Wang Wei, Zhou Haofeng, Yuan Qingqing, Lou Yubo, and Sui Baile. Mining Frequent Patterns Based on Graph Theory[J]. Journal of Computer Research and Development, 2005, 42(2): 230-235.