On Evolving Organizational Models without Losing Control on Authorization Constraints in Web Service Orchestrations. Rinderle-Ma, S. & Leitner, M. In Proceedings of the 12th IEEE Conference on Commerce and Enterprise Computing (CEC), pages 128–135, November, 2010. IEEE.
Paper doi abstract bibtex Providing adequate access control is crucial for the proper execution of any Web Service (WS) orchestration. Typically, access rules and authorization constraints are defined for a WS orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies, organizational models are frequently subject to change (e.g., outsourcing or restructuring). Although the effects of organizational changes on access rules have been investigated so far, their effects on authorization constraints remain still completely unclear, albeit violating authorization constraints might lead to severe problems such as security holes. In this paper, we systematically investigate the effects of organizational changes on authorization constraints and propose different strategies to cope with possible violations. We evaluate our results along the most common types of authorization constraints and discuss the impact of the selected implementation choice.
@inproceedings{Rinderle-maL_evolving_2010,
title = {On Evolving Organizational Models without Losing Control on Authorization Constraints in Web Service Orchestrations},
isbn = {978-1-4244-8433-1},
doi = {10.1109/CEC.2010.17},
abstract = {Providing adequate access control is crucial for the proper execution of any Web Service ({WS)} orchestration. Typically, access rules and authorization constraints are defined for a {WS} orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies, organizational models are frequently subject to change (e.g., outsourcing or restructuring). Although the effects of organizational changes on access rules have been investigated so far, their effects on authorization constraints remain still completely unclear, albeit violating authorization constraints might lead to severe problems such as security holes. In this paper, we systematically investigate the effects of organizational changes on authorization constraints and propose different strategies to cope with possible violations. We evaluate our results along the most common types of authorization constraints and discuss the impact of the selected implementation choice.},
language = {English},
booktitle = {Proceedings of the 12th {IEEE} Conference on Commerce and Enterprise Computing ({CEC)}},
publisher = {{IEEE}},
url = {http://dx.doi.org/10.1109/CEC.2010.17},
author = {Rinderle-Ma, Stefanie and Leitner, Maria},
month = nov,
year = {2010},
keywords = {security},
pages = {128--135}
}
Downloads: 0
{"_id":"TsjWWW9cSa3R7pA3P","bibbaseid":"rinderlema-leitner-onevolvingorganizationalmodelswithoutlosingcontrolonauthorizationconstraintsinwebserviceorchestrations-2010","downloads":0,"creationDate":"2018-07-19T17:20:12.432Z","title":"On Evolving Organizational Models without Losing Control on Authorization Constraints in Web Service Orchestrations","author_short":["Rinderle-Ma, S.","Leitner, M."],"year":2010,"bibtype":"inproceedings","biburl":"https://marialeitner.org/wp-content/uploads/2022/03/ml_publications.bib","bibdata":{"bibtype":"inproceedings","type":"inproceedings","title":"On Evolving Organizational Models without Losing Control on Authorization Constraints in Web Service Orchestrations","isbn":"978-1-4244-8433-1","doi":"10.1109/CEC.2010.17","abstract":"Providing adequate access control is crucial for the proper execution of any Web Service (WS) orchestration. Typically, access rules and authorization constraints are defined for a WS orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies, organizational models are frequently subject to change (e.g., outsourcing or restructuring). Although the effects of organizational changes on access rules have been investigated so far, their effects on authorization constraints remain still completely unclear, albeit violating authorization constraints might lead to severe problems such as security holes. In this paper, we systematically investigate the effects of organizational changes on authorization constraints and propose different strategies to cope with possible violations. We evaluate our results along the most common types of authorization constraints and discuss the impact of the selected implementation choice.","language":"English","booktitle":"Proceedings of the 12th IEEE Conference on Commerce and Enterprise Computing (CEC)","publisher":"IEEE","url":"http://dx.doi.org/10.1109/CEC.2010.17","author":[{"propositions":[],"lastnames":["Rinderle-Ma"],"firstnames":["Stefanie"],"suffixes":[]},{"propositions":[],"lastnames":["Leitner"],"firstnames":["Maria"],"suffixes":[]}],"month":"November","year":"2010","keywords":"security","pages":"128–135","bibtex":"@inproceedings{Rinderle-maL_evolving_2010,\n\ttitle = {On Evolving Organizational Models without Losing Control on Authorization Constraints in Web Service Orchestrations},\n\tisbn = {978-1-4244-8433-1},\n\tdoi = {10.1109/CEC.2010.17},\n\tabstract = {Providing adequate access control is crucial for the proper execution of any Web Service ({WS)} orchestration. Typically, access rules and authorization constraints are defined for a {WS} orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies, organizational models are frequently subject to change (e.g., outsourcing or restructuring). Although the effects of organizational changes on access rules have been investigated so far, their effects on authorization constraints remain still completely unclear, albeit violating authorization constraints might lead to severe problems such as security holes. In this paper, we systematically investigate the effects of organizational changes on authorization constraints and propose different strategies to cope with possible violations. We evaluate our results along the most common types of authorization constraints and discuss the impact of the selected implementation choice.},\n\tlanguage = {English},\n\tbooktitle = {Proceedings of the 12th {IEEE} Conference on Commerce and Enterprise Computing ({CEC)}},\n\tpublisher = {{IEEE}},\n\turl = {http://dx.doi.org/10.1109/CEC.2010.17},\n\tauthor = {Rinderle-Ma, Stefanie and Leitner, Maria},\n\tmonth = nov,\n\tyear = {2010},\n\tkeywords = {security},\n\tpages = {128--135}\n}","author_short":["Rinderle-Ma, S.","Leitner, M."],"key":"Rinderle-maL_evolving_2010","id":"Rinderle-maL_evolving_2010","bibbaseid":"rinderlema-leitner-onevolvingorganizationalmodelswithoutlosingcontrolonauthorizationconstraintsinwebserviceorchestrations-2010","role":"author","urls":{"Paper":"http://dx.doi.org/10.1109/CEC.2010.17"},"keyword":["security"],"metadata":{"authorlinks":{}}},"search_terms":["evolving","organizational","models","without","losing","control","authorization","constraints","web","service","orchestrations","rinderle-ma","leitner"],"keywords":["security"],"authorIDs":[],"dataSources":["dMP58F3Kn38LvzYub","4ns583B5s5eZ5sZnA","BjPesamjtLXF7hp7L"]}