Deriving Process-Related RBAC Models from Process Execution Histories

Publication: Chapter in book/Conference proceedingContribution to conference proceedings


In a business process context, access permissions grant the rights to perform certain tasks. In particular, process-related role-based access control (RBAC) models define RBAC policies for process-aware information systems (PAIS). In addition, process-related RBAC models allow for the definition of entailment constraints on tasks, such as mutual exclusion or binding constraints, for example. This paper presents an approach to derive process-related RBAC models from process execution histories recorded by a PAIS. In particular, we
present algorithms to derive corresponding RBAC artifacts and entailment constraints from standardized XML-based log files. All algorithms presented in this paper have been implemented and were tested via process logs created with CPN Tools.
Original languageEnglish
Title of host publication4th IEEE International Workshop on Security Aspects in Processes and Services Engineering (SAPSE), 2012 IEEE 36th International Conference on Computer Software and Applications Workshops (COMPSACW 2012)
Place of PublicationIzmir, Turkey
Publication statusPublished - 1 Jun 2012

Cite this