A Data-Centric Approach for Privacy-Aware Business Process Enablement
- Cite this paper as:
- Short S., Kaluvuri S.P. (2011) A Data-Centric Approach for Privacy-Aware Business Process Enablement. In: van Sinderen M., Johnson P. (eds) Enterprise Interoperability. IWEI 2011. Lecture Notes in Business Information Processing, vol 76. Springer, Berlin, Heidelberg
In a SOA context, enterprises can use workflow technologies to orchestrate available business processes and their corresponding services and apply business rules or policies to control how they can be used and who can use them. This approach becomes a bit more complex when a set of business processes includes services that derive outside the company’s domain and therefore can be difficult to align with existing rules/policies. In the privacy and security domain, access control and policy languages are used to define what actions can be performed on resources, by whom, for what purpose and in what context. In this paper we propose an approach for dealing with the inclusion of internal and/or external services in a business process that contains data handling policies.