Dynamic Assignment of Roles and Users for Business Processes Under Security Requirements

被引：2

作者：

Du, Yanhua ^{[1
]}

Zhou, Yongchuan ^{[1
]}

Hu, Hesuan ^{[2
]}

机构：

[1] Univ Sci & Technol Beijing, Sch Mech Engn, Beijing 100083, Peoples R China

[2] Xidian Univ, Sch Electromech Engn, Xian 710071, Shaanxi, Peoples R China

来源：

IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS | 2023年 / 19卷 / 10期

基金：

中国国家自然科学基金;

关键词：

Assignment plan; business process; Petri nets; security requirement; workflow net; ORIENTED PETRI NETS; WORKFLOW; VERIFICATION; CONSTRAINTS; LOGIC;

D O I：

10.1109/TII.2023.3240568

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

It is very important to obtain assignment plans of roles and users for business processes or workflow processes under security requirements in enterprises. The assignment plans can help the enterprises improve the efficiency of execution as well as reduce their costs. However, the existing methods ignore the dynamics of users and roles, and cannot deal with security requirements. In this article, we propose a new approach to solve the problem of dynamic assignment of roles and users for business processes under security requirements. First, a role and user assignment graph (RUAG) based on Petri nets is constructed to record detailed information about assignment plans. Second, the optimal composition of assignment plans meeting security requirements is extracted from RUAG for multiple concurrent business processes. Third, we analyze the changes of assignment plans during execution of business processes and present the procedure to adjust them. Compared with the existing methods, our approach can improve the accuracy of assignment plans, enhance the efficiency of dynamic assignment, and reduce the costs of enterprises.

引用

页码：10344 / 10355

页数：12

共 50 条

[1] Dynamic Implementation of Security Requirements in Business Processes
Yang, Benyuan
Hu, Hesuan
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (02) : 1352 - 1363
[2] Security Requirements Elicitation from Business Processes
Matulevicius, Raimundas
[J]. BUSINESS PROCESS MANAGEMENT WORKSHOPS( BPM 2014), 2015, 202
[3] Security requirements of E-business processes
Knorr, K
Röhrig, S
[J]. TOWARDS THE E-SOCIETY: E-COMMERCE, E-BUSINESS, AND E-GOVERNMENT, 2001, 74 : 73 - 86
[4] Security Requirements Engineering for Secure Business Processes
Paja, Elda
Giorgini, Paolo
Paul, Stephane
Meland, Per Hakon
[J]. WORKSHOPS ON BUSINESS INFORMATICS RESEARCH, 2012, 106 : 77 - +
[5] Requirements of Dynamic Business Processes - a Survey
Rusinaite, Toma
Kalibatiene, Diana
Vasilecas, Olegas
[J]. PROCEEDINGS OF THE 2015 IEEE 3RD WORKSHOP ON ADVANCES IN INFORMATION, ELECTRONIC AND ELECTRICAL ENGINEERING (AIEEE 2015), 2015,
[6] Modeling Security Requirements in Service Based Business Processes
Turki, Sameh Hbaieb
Bellaaj, Farah
Charfi, Anis
Bouaziz, Rafik
[J]. ENTERPRISE, BUSINESS-PROCESS AND INFORMATION SYSTEMS MODELING, BPMDS 2012, 2012, 113 : 76 - 90
[7] Eliciting Security Requirements for Business Processes of Legacy Systems
Argyropoulos, Nikolaos
Marquez Alcaniz, Luis
Mouratidis, Haralambos
Fish, Andrew
Rosado, David G.
Garcia-Rodriguez de Guzman, Ignacio
Fernandez-Medina, Eduardo
[J]. PRACTICE OF ENTERPRISE MODELING, POEM 2015, 2015, 235 : 91 - 107
[8] A BPMN extension for the modeling of security requirements in business processes
Rodriguez, Alfonso
Fernandez-Medina, Eduardo
Piattini, Mario
[J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2007, E90D (04) : 745 - 752
[9] Requirements for Dynamic Jumps at the Execution of Business Processes
Bauer, Thomas
[J]. BUSINESS MODELING AND SOFTWARE DESIGN, BMSD 2022, 2022, 453 : 35 - 53
[10] Towards a UML 2.0 extension for the modeling of security requirements in business processes
Rodriguez, Alfonso
Fernandez-Medina, Eduardo
Piattini, Mario
[J]. TRUST, PRIVACY, AND SECURITY IN DIGITAL BUSINESS, PROCEEDINGS, 2006, 4083 : 51 - 61

← 1 2 3 4 5 →