Aligning Business Process Access Control Policies with Enterprise Architecture.
CECC(2018)
摘要
Access control policies are a fundamental building block in meeting security and privacy requirements in organizations across business processes, enterprise architectures, and software architectures. Usage of different models for business processes and software makes eliciting and enforcing access control policies hard. Approaches like enterprise architecture management target complex mutual interdependencies between business and IT models but can be hard to apply. We suggest an approach to derive access control requirements from business processes and test compliance of software designs by data flow analyses. As a result, business processes and software designs are aligned w.r.t. access control requirements.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络