@inproceedings{02e241d435004b929525778ae0d86bac,
title = "Consolidating the access control of composite applications and workflows",
abstract = "The need for enterprise application integration projects leads to complex composite applications. For the sake of security and efficiency, consolidated access control policies for composite applications should be provided. Such a policy is based on the policies of the corresponding autonomous sub-applications and has the following properties: On the one hand, it needs to be as restrictive as possible to block requests which do not comply with the integrated sub-applications' policies. Thereby, unsuccessful executions of requests are prevented at an early stage. On the other hand, the composite policy must grant all necessary privileges in order to make the intended functionality available to legitimate users. In this paper, we present our formal model and respective algorithmic solutions for consolidating the access control of composite applications. The generated policies conform to the presented requirements of the least privileges paradigm and, thus, allow to revise and optimize the access control of composite applications. We demonstrate this by means of Web service workflows that constitute the state of the art for the realization of business processes.",
author = "Martin Wimmer and Alfons Kemper and Maarten Rits and Volkmar Lotz",
year = "2006",
doi = "10.1007/11805588_4",
language = "English",
isbn = "3540367969",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "44--59",
editor = "Peng Liu and Ernesto Damiani",
booktitle = "Data and Applications Security XX - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Proceedings",
note = "20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security ; Conference date: 31-07-2006 Through 02-08-2006",
}