Deriving Role Engineering Artifacts from Business Processes and Scenario Models

Anne Baumgraß, Mark Strembeck, Stefanie Rinderle-Ma

Publikation: Beitrag in Buch/KonferenzbandBeitrag in Konferenzband


Scenario-driven role engineering is a systematic approach to engineer and maintain RBAC models. Such as every engineering process, this approach heavily depends on human factors and many of the corresponding engineering tasks must be conducted manually. However, based on the experiences we gained from our projects and case studies, we identified several tasks in role engineering that are monotonous, time-consuming, and can get tedious if conducted manually. These tasks include the derivation of candidate RBAC artifacts from business processes and scenario models. In this paper, we present an approach to automatically derive role engineering artifacts from process and scenario models. While our general approach is independent from a specific document format, we especially discuss the derivation of role engineering artifacts from UML activity models, UML interaction models, and BPMN collaboration models. In particular, we use the XMI (XML Metadata Interchange) representation of these models as a tool- and vendor-independent format to identify and automatically derive different role engineering artifacts.
Titel des SammelwerksProc. of 16th ACM Symposium on Access Control Models and Technologies (SACMAT)
Herausgeber*innen ACM
ErscheinungsortInnsbruck, Austria
VerlagACM Press
Seiten11 - 20
PublikationsstatusVeröffentlicht - 1 Sept. 2011