An Access-Control Framework for WS-BPEL

An Access-Control Framework for WS-BPEL

Frederica Paci (Purdue University, USA), Elisa Bertino (Purdue University, USA) and Jason Crampton (University of London, UK)
Copyright: © 2008 |Pages: 24
DOI: 10.4018/jwsr.2008070102
OnDemand PDF Download:


Business processes, the next-generation workflows, have attracted considerable research interest in the last 15 years. More recently, several XML-based languages have been proposed for specifying and orchestrating business processes, resulting in the WS-BPEL language. Even if WS-BPEL has been developed to specify automated business processes that orchestrate activities of multiple Web services, there are many applications and situations requiring that people be considered as additional participants who can influence the execution of a process. Significant omissions from WS-BPEL are the specification of activities that require interactions with humans to be completed, called human activities, and the specification of authorization information associating users with human activities in a WS-BPEL business process and authorization constraints, such as separation of duty, on the execution of human activities. In this article, we address these deficiencies by introducing a new type of WS-BPEL activity to model human activities and by developing RBAC-WS-BPEL, a role-based access-control model for WS-BPEL, and BPCL, a language to specify authorization constraints.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 14: 4 Issues (2017): Forthcoming, Available for Pre-Order
Volume 13: 4 Issues (2016)
Volume 12: 4 Issues (2015)
Volume 11: 4 Issues (2014)
Volume 10: 4 Issues (2013)
Volume 9: 4 Issues (2012)
Volume 8: 4 Issues (2011)
Volume 7: 4 Issues (2010)
Volume 6: 4 Issues (2009)
Volume 5: 4 Issues (2008)
Volume 4: 4 Issues (2007)
Volume 3: 4 Issues (2006)
Volume 2: 4 Issues (2005)
Volume 1: 4 Issues (2004)
View Complete Journal Contents Listing