Compliance Analysis of Authorization Constraints in Business Process

Bo Yang; Xia Chunhe

doi:10.7544/issn1000-1239.2017.20170397

Journal of Computer Research and Development > 2017 > 54(10): 2404-2418. > DOI: 10.7544/issn1000-1239.2017.20170397 CSTR: 32373.14.issn1000-1239.2017.20170397

Bo Yang, Xia Chunhe. Compliance Analysis of Authorization Constraints in Business Process[J]. Journal of Computer Research and Development, 2017, 54(10): 2404-2418. DOI: 10.7544/issn1000-1239.2017.20170397

Citation:

PDF (3680 KB)

Compliance Analysis of Authorization Constraints in Business Process

Bo Yang^1,2,
Xia Chunhe^1,2,3

¹(Beijing Key Laboratory of Network Technology (Beihang University), Beijing 100191)
²(School of Computer Science and Engineering, Beihang University, Beijing 100191)
³(College of Computer Science and Information Technology, Guangxi Normal University, Guilin, Guangxi 510004)

More Information

Published Date: September 30, 2017

Graphical Abstract

Abstract

Abstract

A novel framework of business process compliance analysis is proposed in this paper, and the proposed framework can process 1)business process authorization and non-business process authorization; 2)delegation of task of business processes; 3)inheritance of roles; 4)separation of duty and binding of duty constraints; 5)statics constraints and dynamic constraints. Authorization graph is proposed to describe the framework, and construct and reduce methods of authorization graph are designed to maintain the graph, then compliance analysis algorithms of authorization graph are proposed. Based on the analysis results, conflict patterns are presented. A set of resolutions for each pattern are provided, and a prototype system is implemented. The framework of authorization constraint compliance analysis, independent of platform, can be widely applied to system security analyzing. The effectiveness of the proposed method is reported by a case study and experiments at the end of this paper.
- business process,
- authorization constraints,
- compliance,
- separation of duty,
- binding of duty,
- task delegation

FullText(HTML)

References (0)

[1]	Yang Yong, Meng Xiangru, Kang Qiaoyan, Chen Gang. Dynamic Service Function Chain Migration Method Based on Resource Requirements Prediction[J]. Journal of Computer Research and Development, 2023, 60(5): 1151-1163. DOI: 10.7544/issn1000-1239.202111206
[2]	Zhou Peng, Wu Yanjun, Zhao Chen. A Programming Paradigm Combining Programmer and Neural Network to Promote Automated Program Generation[J]. Journal of Computer Research and Development, 2021, 58(3): 638-650. DOI: 10.7544/issn1000-1239.2021.20200298
[3]	Zu Jiachen, Hu Guyu, Yan Jiajie, Li Shiji. Resource Management of Service Function Chain in NFV Enabled Network: A Survey[J]. Journal of Computer Research and Development, 2021, 58(1): 137-152. DOI: 10.7544/issn1000-1239.2021.20190823
[4]	Deng Li, Wu Weinan, Zhu Zhengyi, Chen Ming. DiffSec: A Differentiated Intelligent Network Security Service Model[J]. Journal of Computer Research and Development, 2019, 56(5): 955-966. DOI: 10.7544/issn1000-1239.2019.20190019
[5]	Huang Rui, Zhang Hongqi, Chang Dexian. A Backup and Recovery Mechanism for Security Service Chain Fault in Network Function Virtualization Environment[J]. Journal of Computer Research and Development, 2018, 55(4): 768-781. DOI: 10.7544/issn1000-1239.2018.20170942
[6]	Liu Yi, Zhang Hongqi, Yang Yingjie, Chang Dexian. A Hierarchical Method for Survivable Service Function Chain Embedding[J]. Journal of Computer Research and Development, 2018, 55(4): 748-767. DOI: 10.7544/issn1000-1239.2018.20170938
[7]	Xu Ran, Wang Wendong, Gong Xiangyang, Que Xirong. Delay-Aware Resource Scheduling Optimization in Network Function Virtualization[J]. Journal of Computer Research and Development, 2018, 55(4): 738-747. DOI: 10.7544/issn1000-1239.2018.20170926
[8]	Wang Junxiao, Qi Heng, Li Keqiu, Zhou Xiaobo. Real-Time Link Fault Detection as a Service for Datacenter Network[J]. Journal of Computer Research and Development, 2018, 55(4): 704-716. DOI: 10.7544/issn1000-1239.2018.20170941
[9]	Wang Yuwei, Liu Min, Ma Cheng, Li Pengfei. High Performance Load Balancing Mechanism for Network Function Virtualization[J]. Journal of Computer Research and Development, 2018, 55(4): 689-703. DOI: 10.7544/issn1000-1239.2018.20170923
[10]	Ma Jiuyue, Yu Zihao, Bao Yungang, Sun Ninghui. A Programmable Data Plane Design in Computer Architecture[J]. Journal of Computer Research and Development, 2017, 54(1): 123-133. DOI: 10.7544/issn1000-1239.2017.20160102