Architectural Alignment of Access Control Requirements Extracted from Business Processes
Abstract:
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.
| Zugehörige Institution(en) am KIT | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) |
| Publikationstyp | Hochschulschrift |
| Publikationsjahr | 2023 |
| Sprache | Englisch |
| Identifikator | ISBN: 978-3-7315-1212-7 ISSN: 1867-0067 KITopen-ID: 1000148100 |
| Verlag | KIT Scientific Publishing |
| Umfang | XXII, 329 S. |
| Serie | The Karlsruhe Series on Software Design and Quality / Ed. by Prof. Dr. Ralf Reussner ; 35 |
| Art der Arbeit | Dissertation |
| Fakultät | Fakultät für Informatik (INFORMATIK) |
| Institut | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) |
| Prüfungsdaten | 28.10.2021 |
| Prüfungsdatum | 28.10.2021 |
| Schlagwörter | Software Engineering, Enterprise Architecture, Zugriffskontrolle, Geschäftsprozesse, Software Engineering, Enterprise Architecture, Access Control, Business Processes |
| Relationen in KITopen | |
| Referent/Betreuer | Reussner, Ralf H. |