Dynamic Assignment of Roles and Users for Business Processes Under Security Requirements

被引：2

作者：

Du, Yanhua ^{[1
]}

Zhou, Yongchuan ^{[1
]}

Hu, Hesuan ^{[2
]}

机构：

[1] Univ Sci & Technol Beijing, Sch Mech Engn, Beijing 100083, Peoples R China

[2] Xidian Univ, Sch Electromech Engn, Xian 710071, Shaanxi, Peoples R China

来源：

IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS | 2023年 / 19卷 / 10期

基金：

中国国家自然科学基金;

关键词：

Assignment plan; business process; Petri nets; security requirement; workflow net; ORIENTED PETRI NETS; WORKFLOW; VERIFICATION; CONSTRAINTS; LOGIC;

D O I：

10.1109/TII.2023.3240568

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

It is very important to obtain assignment plans of roles and users for business processes or workflow processes under security requirements in enterprises. The assignment plans can help the enterprises improve the efficiency of execution as well as reduce their costs. However, the existing methods ignore the dynamics of users and roles, and cannot deal with security requirements. In this article, we propose a new approach to solve the problem of dynamic assignment of roles and users for business processes under security requirements. First, a role and user assignment graph (RUAG) based on Petri nets is constructed to record detailed information about assignment plans. Second, the optimal composition of assignment plans meeting security requirements is extracted from RUAG for multiple concurrent business processes. Third, we analyze the changes of assignment plans during execution of business processes and present the procedure to adjust them. Compared with the existing methods, our approach can improve the accuracy of assignment plans, enhance the efficiency of dynamic assignment, and reduce the costs of enterprises.

引用

页码：10344 / 10355

页数：12

共 50 条

[41] Information governance requirements in dynamic business networking
Rasouli, Mohammad Reza
Trienekens, Jos J. M.
Kusters, Rob J.
Grefen, Paul W. P. J.
[J]. INDUSTRIAL MANAGEMENT & DATA SYSTEMS, 2016, 116 (07) : 1356 - 1379
[42] New trends and requirements for dynamic security assessment
Meyer, B
Nativel, G
[J]. CONTROL OF POWER SYSTEMS AND POWER PLANTS 1997 (CPSPP'97), 1998, : 557 - 562
[43] New trends and requirements for dynamic security assessment
Meyer, B
Nativel, C
[J]. CONTROL ENGINEERING PRACTICE, 1999, 7 (03) : 375 - 380
[44] Workshop on Security in Business Processes A workshop report
Accorsi, Rafael
Matulevicius, Raimundas
[J]. ENTERPRISE MODELLING AND INFORMATION SYSTEMS ARCHITECTURES-AN INTERNATIONAL JOURNAL, 2013, 8 (01): : 75 - 79
[45] Security Testing of Orchestrated Business Processes in SOA
Hariharan, C.
Babu, Chitra
[J]. 2014 INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION CONTROL AND COMPUTING TECHNOLOGIES (ICACCCT), 2014, : 1426 - 1430
[46] "Security Concern" as a Metric for Enterprise Business Processes
Mukherjee, Preetam
Mazumdar, Chandan
[J]. IEEE SYSTEMS JOURNAL, 2019, 13 (04): : 4015 - 4026
[47] Dynamic Spectrum Assignment for White Space Devices with Dynamic and Heterogeneous Bandwidth Requirements
Pei, Yiyang
Ma, Yugang
Peh, Edward Chu Yeow
Oh, Ser Wah
Tao, Ming-Hung
[J]. 2015 IEEE WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE (WCNC), 2015, : 36 - 40
[48] Dynamic roles of suppliers in the specification of business services
Mota, Joao
Santos, Jose Novais
[J]. TECHNOLOGICAL FORECASTING AND SOCIAL CHANGE, 2021, 164
[49] Aligning system architectures on requirements of mobile business processes
Gruhn, Volker
Koehler, Andre
[J]. PROCEEDINGS OF THE IASTED INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, 2007, : 363 - +
[50] A User Requirements Analysis Approach Based on Business Processes
ZHENG Yue-bin
[J]. Journal of Systems Science and Systems Engineering, 2001, (03) : 371 - 380

← 1 2 3 4 5 →