Skip to main content
SpringerLink
Log in

On the Controlled Evolution of Access Rules in Cooperative Information Systems

  • Conference paper
On the Move to Meaningful Internet Systems 2005: CoopIS, DOA, and ODBASE (OTM 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3760))

Abstract

For several reasons enterprises are frequently subject to organizational change. Respective adaptations may concern business processes, but also other components of an enterprise architecture. In particular, changes of organizational structures often become necessary.

The information about organizational entities and their relationships is maintained in organizational models. Therefore the quick and correct adaptation of these models is fundamental to adequately cope with changes. However, model changes alone are not sufficient to guarantee consistency. Since organizational models also provide the basis for defining access rules (e.g., actor assignments in workflow management systems or access rules in document–centered applications) this information has to be adapted accordingly (e.g., to avoid non-resolvable actor assignments). Current approaches do not adequately address this problem, which often leads to security gaps and delayed change adaptations.

In this paper we present a comprehensive approach for the controlled evolution of organizational models in cooperative information systems. First, we introduce a set of operators with well-defined semantics for defining and changing organizational models. Second, we present an advanced approach for the semi-automated adaptation of access rules when the underlying organizational model is changed. This includes a formal part concerning both the evolution of organizational models and the adaptation of related access rules.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. van der Aalst, W., van Hee, K.: Workflow Management. MIT Press, Cambridge (2002)

    Google Scholar 

  2. Sutton, M.J.: Document Management for the Enterprise: Principles, Techniques and Applications. John Wiley, Chichester (1996)

    Google Scholar 

  3. Linthicum, D.: Enterpise Application Integration. Addison-Wesley, Reading (1999)

    Google Scholar 

  4. Konyen, I.: Organizational structures and business processes in hospitals. Master’s thesis, University of Ulm, Computer Science Faculty (1996) (in German)

    Google Scholar 

  5. Jablonski, S., Schlundt, M., Wedekind, H.: A generic component for the computer–based use of organizational models. Informatik Forschung und Entwicklung 16, 23–34 (2001) (in German)

    Article  MATH  Google Scholar 

  6. Klarmann, J.: A comprehensive support for changes in organizational models of workflow management systems. In: Proc. 4th Int’l Conf. on Inf Systems Modeling (ISM 2001), pp. 375–387 (2001)

    Google Scholar 

  7. Reichert, M., Dadam, P.: ADEPT flex - supporting dynamic changes of workflows without losing control. JIIS 10, 93–129 (1998)

    Google Scholar 

  8. Rinderle, S., Reichert, M., Dadam, P.: On dealing with structural conflicts between process type and instance changes. In: Desel, J., Pernici, B., Weske, M. (eds.) BPM 2004. LNCS, vol. 3080, pp. 274–289. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Rinderle, S., Reichert, M., Dadam, P.: Disjoint and overlapping process changes: Challenges, solutions, applications. In: Meersman, R., Tari, Z. (eds.) OTM 2004. LNCS, vol. 3290, pp. 101–120. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Rinderle, S., Reichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems – a survey. Data and Knowledge Engineering, Special Issue on Advances in Business Process Management 50, 9–34 (2004)

    Google Scholar 

  11. Reichert, M., Rinderle, S., Dadam, P.: On the common support of workflow type and instance changes under correctness constraints. In: Meersman, R., Tari, Z., Schmidt, D.C. (eds.) CoopIS 2003, DOA 2003, and ODBASE 2003. LNCS, vol. 2888, pp. 407–425. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  12. Bertino, E.: Data security. DKE 25, 199–216 (1998)

    Article  MATH  Google Scholar 

  13. zur Muehlen, M.: Resource modeling in workflow applications. In: Proc. of the 1999 Workflow Management Conference (Muenster), pp. 137–153 (1999)

    Google Scholar 

  14. Weber, B., Reichert, M., Wild, W., Rinderle, S.: Balancing flexibility and security in adaptive process management systems. In: Proc. Int’l Conf. on Cooperative Information Systems (CoopIS 2005), Agia Napa, Cyprus (2005)

    Google Scholar 

  15. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role–Based Access Control. Artech House (2003)

    Google Scholar 

  16. NIST: Proposed Standard for Role-Based Access Control (2004), http://csrc.nist.gov/rbac/rbacSTDACM.pdf

  17. Ferraiolo, D., Kuhn, D.: Role based access control. In: 15th National Computer Security Conference (1992)

    Google Scholar 

  18. Sutton, M.: Document Management for the Enterprise – Principles, Techniques, and Applications. Wiley, New York (1996)

    Google Scholar 

  19. Botha, R., Eloff, J.: A framework for access control in workflow systems. Information Management and Computer Security 9, 126–133 (2001)

    Article  Google Scholar 

  20. Bertino, E., Ferrari, E., Alturi, V.: The specification and enforcement of authorization constraints in wfms. ACM Trans. on Inf. and Sys. Sec. 2, 65–104 (1999)

    Article  Google Scholar 

  21. Wainer, J., Barthelmess, P., Kumar, A.: W–RBAC – a workflow security model incorporating controlled overriding of constraints. International Journal of Collaborative Information Systems 12, 455–485 (2003)

    Article  Google Scholar 

  22. Klarmann, J.: A comprehensive support for changes in organizational models of workflow management systems. In: Proc. Int’l Conf. on Information Systems Modeling (ISM 2001), Hradec nad Moravici, Czech Republic (2001)

    Google Scholar 

  23. Domingos, D., Rito-Silva, A., Veiga, P.: Authorization and access control in adaptive workflows. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 23–28. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  24. Berroth, M.: Design of a component for organizational models. Master’s thesis, University of Ulm, Computer Science Faculty (2005) (in German)

    Google Scholar 

  25. van der Aalst, W., Jablonski, S.: Dealing with workflow change: Identification of issues an solutions. Int’l Journal of Comp. Systems, Science and Engineering 15, 267–276 (2000)

    Google Scholar 

  26. Klarmann, J.: Using conceptual graphs for organization modeling in workflow management systems. In: Proc. Conf. Professionelles Wissensmanagement (WM 2001), pp. 19–23 (2001)

    Google Scholar 

  27. Reichert, M., Rinderle, S., Kreher, U., Dadam, P.: Adaptive process management with adept2. In: Proc. 21st Int’l Conf. on Data Engineering (ICDE 2005), Tokyo, pp. 1113–1114 (2005)

    Google Scholar 

  28. Rinderle, S., Reichert, M., Dadam, P.: Flexible support of team processes by adaptive workflow systems. Distributed and Parallel Databases 16, 91–116 (2004)

    Article  Google Scholar 

  29. Rinderle, S., Weber, B., Reichert, M., Wild, W.: Integrating process learning and process evolution - a semantics based approach. In: van der Aalst, W.M.P., Benatallah, B., Casati, F., Curbera, F. (eds.) BPM 2005. LNCS, vol. 3649, pp. 252–267. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department Databases and Information Systems, University of Ulm, Germany

    Stefanie Rinderle

  2. Information Systems Group, University of Twente, The Netherlands

    Manfred Reichert

Authors
  1. Stefanie Rinderle
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Manfred Reichert
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. STARLab, Vrije Universiteit Brussel (VUB), Bldg G/10, Pleinlaan 2, 1050, Brussels, Belgium

    Robert Meersman

  2. School of Computer Science and Information Technology, RMIT University, Bld 10.10, 376-392 Swanston Street, 3001, Melbourne, VIC, Australia

    Zahir Tari

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rinderle, S., Reichert, M. (2005). On the Controlled Evolution of Access Rules in Cooperative Information Systems. In: Meersman, R., Tari, Z. (eds) On the Move to Meaningful Internet Systems 2005: CoopIS, DOA, and ODBASE. OTM 2005. Lecture Notes in Computer Science, vol 3760. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11575771_17

Download citation

  • DOI: https://doi.org/10.1007/11575771_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29736-9

  • Online ISBN: 978-3-540-32116-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation