Context-sensitive Access Control Model for Business Processes

Goran Sladić¹, Branko Milosavljević¹ and Zora Konjović¹

  1. Faculty of Technical Sciences, University of Novi Sad, Trg D. Obradovića 6
    21000 Novi Sad, Serbia
    {sladicg, mbranko, ftn_zora}@uns.ac.rs

Abstract

This paper focuses on problems of access control for business processes. The subject of the paper is a specification of the Context-sensitive access control model for business processes (COBAC). In order to efficiently define and enforce access control for different business processes, the COBAC model is based on the RBAC (Role-based Access Control) model, which is extended with the following entities: context, business process, activity and resource category. By using context-sensitive access control, it is possible to define more complex access control policies whose implementation by existing access control models for business processes is not possible or is very complicated. The COBAC context model can describe rich context information and can be easily extended for specific cases. The introduction of business process and activity entities has facilitated the definition of access control policies for business processes. The categorization of resources enables the definition of access control policies for whole resource categories and thus potentially reduces the number of policies that need to be defined. The COBAC model is applicable in different business information systems and supports the definition of access control policies for both simple and complex business processes. The model is verified by a case study on a real business process.

Key words

access control, RBAC, context-sensitive, workflow, business process

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS110907042S

Publication information

Volume 10, Issue 3 (June 2013)
Year of Publication: 2013
ISSN: 2406-1018 (Online)
Publisher: ComSIS Consortium

How to cite

Sladić, G., Milosavljević, B., Konjović, Z.: Context-sensitive Access Control Model for Business Processes. Computer Science and Information Systems, Vol. 10, No. 3, 940-972. (2013), https://doi.org/10.2298/CSIS110907042S