Static Compliance Checking beyond Separation of Duty Constraints

2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing Pub Date : 2014-11-08 DOI:10.1109/3PGCIC.2014.53

Yang Bo, Chunhe Xia, Yang Luo, Qing Tang

{"title":"Static Compliance Checking beyond Separation of Duty Constraints","authors":"Yang Bo, Chunhe Xia, Yang Luo, Qing Tang","doi":"10.1109/3PGCIC.2014.53","DOIUrl":null,"url":null,"abstract":"In many application domains, processes often have to comply with business level rules and policies, called compliance constraint. Separation of duty requirement is one of such constraint, and enhancement measures are taken to make sure the business process is compliance with the constraints. Separation of duty Algebra is a high level policy designed to specify Separation of duty constraints, which can describe both quantification requirements and qualification requirements. In this article, we improve the high level description SoDA by involving task information. The improved specification expresses relations between user and task, describes bind of duty constraint beyond separation of duty. In order to make the high level policy act on concrete process, we proceed by constructing mapping rules to translate high level policies to low level constraints, which is representing by Description Logic. Then, we propose a framework for business process compliance checking. At last we give a case study to show the suitably of the method.","PeriodicalId":395610,"journal":{"name":"2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing","volume":"106 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/3PGCIC.2014.53","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

In many application domains, processes often have to comply with business level rules and policies, called compliance constraint. Separation of duty requirement is one of such constraint, and enhancement measures are taken to make sure the business process is compliance with the constraints. Separation of duty Algebra is a high level policy designed to specify Separation of duty constraints, which can describe both quantification requirements and qualification requirements. In this article, we improve the high level description SoDA by involving task information. The improved specification expresses relations between user and task, describes bind of duty constraint beyond separation of duty. In order to make the high level policy act on concrete process, we proceed by constructing mapping rules to translate high level policies to low level constraints, which is representing by Description Logic. Then, we propose a framework for business process compliance checking. At last we give a case study to show the suitably of the method.

查看原文本刊更多论文

超越职责分离约束的静态遵从性检查

在许多应用程序领域中，流程通常必须遵守业务级规则和策略，称为遵从性约束。职责分离需求就是这样的约束之一，并采取增强措施以确保业务流程符合约束。职责分离代数是用于指定职责分离约束的高级策略，它既可以描述量化需求，也可以描述资格要求。在本文中，我们通过涉及任务信息来改进高级描述SoDA。改进后的规范表达了用户与任务之间的关系，描述了职责分离之外的职责约束绑定。为了使高层策略作用于具体过程，我们通过构造映射规则将高层策略转换为低层约束，用描述逻辑表示。然后，我们提出一个用于业务流程遵从性检查的框架。最后通过一个实例说明了该方法的适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing

自引率

0.00%

发文量