Conformance Checking of RBAC Policies in Process-Aware Information Systems

  • Conference paper
Business Process Management Workshops (BPM 2011)

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 100)

Abstract

A process-aware information system (PAIS) is a software system that supports the definition, execution, and analysis of business processes. The execution of process instances is typically recorded in so-called event logs. In this paper, we present an approach to automatically generate LTL (Linear Temporal Logic) statements from process-related RBAC (Role-based Access Control) models. These LTL statements are used to check if process executions that are recorded via event logs conform to the access control policies defined via a corresponding RBAC model. To demonstrate our approach, we implemented an RBAC-to-LTL component, and used the ProM tool to test the resulting LTL statements with event logs created from process simulations in CPN Tools.
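
A sketch of the idea in the abstract, added here as an illustration and not the authors' RBAC-to-LTL component or ProM's LTL checker: it derives LTL-style rules from a small RBAC model and evaluates them over the finite traces of an event log. The model layout, the rule syntax, the mutually-exclusive-task constraint and the sample log are all constructed assumptions.

```python
# Added example: RBAC model -> LTL-style rules -> conformance check of an event log.
# All names, the rule text format and the data below are constructed for illustration.

RBAC = {
    "role_tasks": {"clerk": {"enter_order", "ship_goods"}, "manager": {"approve_order"}},
    "user_roles": {"alice": {"clerk"}, "bob": {"manager"}, "carol": {"clerk", "manager"}},
    # Assumed constraint type: one user must not perform both tasks in the same instance.
    "exclusive_tasks": [("enter_order", "approve_order")],
}

def allowed_users(model, task):
    """Users holding at least one role that is permitted to execute `task`."""
    roles = {r for r, tasks in model["role_tasks"].items() if task in tasks}
    return {u for u, held in model["user_roles"].items() if held & roles}

def generate_rules(model):
    """Return (formula_text, predicate) pairs; a trace is a list of (task, originator)."""
    rules = []
    for task in sorted(set().union(*model["role_tasks"].values())):
        users = allowed_users(model, task)
        text = f"G(task == {task} -> originator in {{{', '.join(sorted(users))}}})"
        # "Globally" on a finite trace: every event of this task has an allowed originator.
        rules.append((text, lambda tr, t=task, us=users:
                      all(u in us for a, u in tr if a == t)))
    for a, b in model["exclusive_tasks"]:
        text = (f"forall u: !(F(task == {a} & originator == u)"
                f" & F(task == {b} & originator == u))")
        # "Eventually" on a finite trace: some event matches; no user may match both.
        rules.append((text, lambda tr, a=a, b=b:
                      not ({u for x, u in tr if x == a} & {u for x, u in tr if x == b})))
    return rules

def check_log(model, log):
    """Map each process instance to the list of rule texts its trace violates."""
    rules = generate_rules(model)
    return {case: [text for text, holds in rules if not holds(trace)]
            for case, trace in log.items()}

# Constructed event log: case id -> ordered (task, originator) events.
LOG = {
    "case1": [("enter_order", "alice"), ("approve_order", "bob"), ("ship_goods", "alice")],
    "case2": [("enter_order", "alice"), ("approve_order", "alice")],  # alice is no manager
    "case3": [("enter_order", "carol"), ("approve_order", "carol")],  # same user does both
}

if __name__ == "__main__":
    for case, violations in check_log(RBAC, LOG).items():
        print(case, "conforms" if not violations else violations)
```

Note that `case3` passes every task-to-role rule because carol holds both roles; only the exclusion rule flags it, which is why role membership alone is not enough for conformance.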

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Baumgrass, A., Baier, T., Mendling, J., Strembeck, M. (2012). Conformance Checking of RBAC Policies in Process-Aware Information Systems. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds) Business Process Management Workshops. BPM 2011. Lecture Notes in Business Information Processing, vol 100. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28115-0_41

  • DOI: https://doi.org/10.1007/978-3-642-28115-0_41

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28114-3

  • Online ISBN: 978-3-642-28115-0

  • eBook Packages: Computer Science (R0)