Specifying Separation of Duty Constraints in BPEL4People Processes

Security issues have to be carefully considered for information systems that support the business processes of an organization, in particular, when these systems build on open interfaces such as web services. In this paper, the authors examine the new BPEL extension BPEL4People from an access control perspective. In particular, they discuss the importance of "Separation of duty" constraints and identify options to specify such constraints in BPEL4People processes. Moreover, they identify and discuss shortcomings of the BPEL4People specifications that complicate and/or impede separation of duty enforcement. In addition, they suggest solutions which can be introduced into future versions of BPEL4People to mitigate those shortcomings.

Provided by: Queensland Treasury Corporation Topic: Date Added: Jan 2008 Format: PDF

Find By Topic