根据组织安全策略验证工作流流程

Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99) Pub Date : 1999-06-16 DOI:10.1109/ENABL.1999.805198

Carlos Ribeiro, P. Guedes

{"title":"根据组织安全策略验证工作流流程","authors":"Carlos Ribeiro, P. Guedes","doi":"10.1109/ENABL.1999.805198","DOIUrl":null,"url":null,"abstract":"Workflow applications for large complex organizations often need to cross several security domains, each with different management and specific security requirements. The resultant cross-dependency between the workflow specification and the security policy of each domain can be hard to manage without specific tools. This work presents a static analyzer that automatically verifies the consistency between workflow specifications written in WPDL (Workflow Process Definition Language) and organization security policies, written in a security language specially designed to express simultaneously several security policies.","PeriodicalId":287840,"journal":{"name":"Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"Verifying workflow processes against organization security policies\",\"authors\":\"Carlos Ribeiro, P. Guedes\",\"doi\":\"10.1109/ENABL.1999.805198\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Workflow applications for large complex organizations often need to cross several security domains, each with different management and specific security requirements. The resultant cross-dependency between the workflow specification and the security policy of each domain can be hard to manage without specific tools. This work presents a static analyzer that automatically verifies the consistency between workflow specifications written in WPDL (Workflow Process Definition Language) and organization security policies, written in a security language specially designed to express simultaneously several security policies.\",\"PeriodicalId\":287840,\"journal\":{\"name\":\"Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1999-06-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ENABL.1999.805198\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ENABL.1999.805198","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 19

摘要

大型复杂组织的工作流应用程序通常需要跨越几个安全域，每个域都有不同的管理和特定的安全需求。如果没有特定的工具，工作流规范和每个域的安全策略之间的交叉依赖关系很难管理。这项工作提出了一个静态分析器，可以自动验证用WPDL(工作流过程定义语言)编写的工作流规范与组织安全策略之间的一致性，组织安全策略是用一种专门设计用于同时表达多个安全策略的安全语言编写的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Verifying workflow processes against organization security policies

Workflow applications for large complex organizations often need to cross several security domains, each with different management and specific security requirements. The resultant cross-dependency between the workflow specification and the security policy of each domain can be hard to manage without specific tools. This work presents a static analyzer that automatically verifies the consistency between workflow specifications written in WPDL (Workflow Process Definition Language) and organization security policies, written in a security language specially designed to express simultaneously several security policies.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)

自引率

0.00%

发文量