A process-aware information system (PAIS) is a software system that supports the definition, execution, and analysis of business processes. The execution of process instances is typically recorded in so called event logs. In this paper, we present an approach to automatically generate LTL (Linear Temporal Logic) statements from process-related RBAC (Role-based Access Control) models. These LTL statements are used to check if process executions that are recorded via event logs conform to the access control policies defined via a corresponding RBAC model. To demonstrate our approach, we implemented a RBAC-to-LTL component, and used the ProM tool to test the resulting LTL statements with event logs created from process simulations in CPN tools. © 2012 Springer-Verlag.
CITATION STYLE
Baumgrass, A., Baier, T., Mendling, J., & Strembeck, M. (2012). Conformance checking of RBAC policies in process-aware information systems. In Lecture Notes in Business Information Processing (Vol. 100 LNBIP, pp. 435–446). Springer Verlag. https://doi.org/10.1007/978-3-642-28115-0_41
Mendeley helps you to discover research relevant for your work.