Information Flow Based Security Control Beyond RBAC

How to enable fine-grained security policy enforcement in business processes beyond limitations of role-based access control (RBAC)

  • Klaus-Peter Fischer-Hellmann
  • Rainer Bischoff

Part of the IT im Unternehmen book series (ITU, volume 1)

Table of contents

  1. Front Matter
    Pages 1-1
  2. Klaus-Peter Fischer-Hellmann
    Pages 1-6
  3. Klaus-Peter Fischer-Hellmann
    Pages 7-18
  4. Klaus-Peter Fischer-Hellmann
    Pages 19-38
  5. Klaus-Peter Fischer-Hellmann
    Pages 39-65
  6. Klaus-Peter Fischer-Hellmann
    Pages 81-92
  7. Klaus-Peter Fischer-Hellmann
    Pages 93-112
  8. Klaus-Peter Fischer-Hellmann
    Pages 113-132
  9. Klaus-Peter Fischer-Hellmann
    Pages 133-140
  10. Klaus-Peter Fischer-Hellmann
    Pages 141-144
  11. Back Matter
    Pages 13-13

About this book

Introduction

The book shows a way of providing more refined methods of information flow control than those offered by role-based access control (RBAC). For granting access to information or resources, former or further information flow in a business process requesting this access is taken into account. The methods proposed are comparatively easy to apply and have been proven to be largely machine-executable by a prototypical realisation. As an addition, the methods are extended to be also applicable to BPEL-defined workflows in Grid and Cloud computing.Contents

Cross-Organisational Deployment of Business Processes - Approaches to Specification and Enforcement of Security Policies - Analysis of Security-Relevant Semantics of BPEL - Security Policy Compliance Assessment for BPEL-Defined Processes - Extension of Methods for Security Policy Enforcement to Grid Processes and Cloud Workflows

Target Groups

IT Security Specialists; Chief Information Officers (CIOs); Chief Security Officers (CSOs);
Security Policy and Quality Assurance Officers and Managers;
Business Process and Web/Grid/Cloud Service Designers, Developers, Operational Managers;
Interested Learners/Students in the Field of Security Management

The Author

Klaus-Peter Fischer-Hellmann has received his PhD in Computer Science from the University of Plymouth (UK) and holds an MSc in Mathematics from the University of Heidelberg. His expertise is based on more than 30 years of experience in the field of distributed applications, particularly in telecommunications. For several years now, he has been actively involved in teaching and supervising post-graduate research students at PhD level.

Klaus-Peter Fischer-Hellmann has received his PhD in Computer Science from the University of Plymouth (UK) and holds an MSc in Mathematics from the University of Heidelberg. His expertise is based on more than 30 years of experience in the field of distributed applications, particularly in telecommunications. For several years now, he has been actively involved in teaching and supervising post-graduate research students at PhD level.

The Series "IT im Unternehmen" is edited by Prof. Dr. Rainer Bischoff.

Keywords

Access Control Cooperative Business Processes Information Flow Control Security Policy Enforcement Web Services

Authors and affiliations

  • Klaus-Peter Fischer-Hellmann
    • 1
  1. 1.Digamma Communications Consulting GmbHMühltalGermany

Editors and affiliations

  • Rainer Bischoff
    • 1
  1. 1.FurtwangenGermany

Bibliographic information

  • DOI https://doi.org/10.1007/978-3-8348-2618-3
  • Copyright Information Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden 2012
  • Publisher Name Springer Vieweg, Wiesbaden
  • eBook Packages Computer Science
  • Print ISBN 978-3-8348-2617-6
  • Online ISBN 978-3-8348-2618-3
  • About this book