Separation of Duties as a Service
The authors introduce the concept of Separation of Duties (SoD) as a Service, an approach to enforcing SoD requirements on work flows and thereby preventing fraud and errors. SoD as a Service facilitates a separation of concern between business experts and security professionals. Moreover, it allows enterprises to address the need for internal controls and to quickly adapt to organizational, regulatory, and technological changes. In this paper, they describe an implementation of SoD as a Service, which extends a widely used, commercial work flow system, and discuss its performance. They present a drug dispensation work flow deployed in a hospital as case study to demonstrate the feasibility and benefits of their proof-of-concept implementation.