Comprehensive Life Cycle Support for Access Rules in Information Systems: The CEOSIS Project
The definition and management of access rules (e.g., to control access to business documents and business functions) is a fundamental task in any Enterprise Information System (EIS). While there exists considerable work on how to specify and represent access rules, only little research has been spent on access rule changes. Examples include the evolution of organizational models with need for subsequent adaptation of related access rules as well as direct access rule modifications (e.g., to state a previously defined rule more precisely). This paper presents a comprehensive change framework for the controlled evolution of role-based access rules in EIS.