Conformance Checking of RBAC Policies in Process-Aware Information Systems

Anne Baumgraß, Thomas Baier, Jan Mendling, Mark Strembeck

Publikation: Beitrag in Buch/KonferenzbandBeitrag in Konferenzband


A process-aware information system (PAIS) is a software system that supports the definition, execution, and analysis of business processes. The execution of process instances is typically recorded in so called event logs. In this paper, we present an approach to automatically generate LTL (Linear Temporal Logic) statements from process-related RBAC (Role-based Access Control) models. These LTL statements are used to check if process executions that are recorded via event logs conform to the access control policies defined via a corresponding RBAC model. To demonstrate our approach, we implemented a RBAC-to-LTL component, and used the ProM tool to test the resulting LTL statements with event logs created from process simulations in CPN tools.
Titel des SammelwerksBPM 2011 Workshops, Part II, LNBIP 100
Herausgeber*innen Farouk Toumani, Karsten Wolf, Stefanie Rinderle-Ma
ErscheinungsortClermont-Ferrand, France
VerlagSpringer Verlag
Seiten435 - 446
PublikationsstatusVeröffentlicht - 1 Dez. 2011