In the paper, an integrated approach for the modeling and enforcement of delegation policies in process-aware information systems is presented. In particular, a delegation extension for process-related role-based access control (RBAC) models is specified. The extension is generic in the sense that it can be used to extend process-aware information systems or process modeling languages with support for processrelated RBAC delegationmodels.Moreover, the detection of delegation-related conflicts is discussed and a set of pre-defined resolution strategies for each potential conflict is provided. Thereby, the design-time and runtime consistency of corresponding RBAC delegation models can be ensured. Based on a formal metamodel, UML2 modeling support for the delegation of roles, tasks, and duties is provided. A corresponding case study evaluates the practical applicability of the approach with real-world business processes. Moreover, the approach is implemented as an extension to the BusinessActivity library and runtime engine.
Schefer-Wenzl, Sigrid and Strembeck, Mark
"Modeling Support for Role-Based Delegation in Process-Aware Information Systems,"
Business & Information Systems Engineering:
Vol. 6: Iss. 4, 215-237.
Available at: http://aisel.aisnet.org/bise/vol6/iss4/4