Abstract
Complex business processes are usually realized by specifying the integration and interaction of smaller modular software components. For example, hitherto monolithic enterprise resource planning systems (ERP) are decomposed into Web services which are then again orchestrated in terms of Web service workflows, bringing about higher levels of flexibility and adaptability. In general, such services constitute autonomous software components with their own dedicated security requirements. In this paper we present our approach for consolidating the access control of (Web service) workflows. The proposed security engineering method allows, first, to determine for whom workflows are executable from a privileges point of view, second, to assess compliance with the principle of least privilege, and, third, helps to reduce policy enforcement costs. © Springer-Verlag Berlin Heidelberg 2006.
Cite
CITATION STYLE
Wimmer, M., Albutiu, M. C., & Kemper, A. (2006). Optimized workflow authorization in service oriented architectures. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3995 LNCS, pp. 30–44). Springer Verlag. https://doi.org/10.1007/11766155_3
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
