Academic
Publications
Verification of Dynamic Separation of Duty Policy for Role-based Business Processes

Verification of Dynamic Separation of Duty Policy for Role-based Business Processes,10.1109/TPSD.2008.4562752,Aashay Thipse,Rattikorn Hewett

Verification of Dynamic Separation of Duty Policy for Role-based Business Processes   (Citations: 3)
BibTex | RIS | RefWorks Download
Separation of duty (SoD) is a widely used security principle to help prevent frauds in a business process. Though SoD has been studied by many researchers, most of them are concerned with specifications of various types of SoD constraints for policy enforcement. For large organizations that employ SoD policies, the ability to automatically verify if a given user-role assignment complies with SoD policies is of the great value for security management. This paper proposes an algorithm for constraint checking of simple dynamic SoD. Unlike most previous work that enforces SoD policy at run time (when roles are activated), our approach examines policy enforcement build-time (prior to run rime, i.e. when roles are assigned to users but not activated).
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
    • ...Thipse and Hewett [7, 8] proposed an algorithm for constraint checking of simple dynamic SoD that works in a form of mutually exclusive roles pair...

    Nanta Janpitaket al. Run-time enforcement model for Dynamic Separation of Duty

    • ... delegation activities could be detected[IO]; Strembeck presented an implementation of conflict-checking methods for separation of duty constraints in the xoRBAC access control servicej l l], Rattikom et al proposed computational techniques for analyzing SoD by integrating workflows of the enterprise processes into the RBAC framework[12], and later, they proposed an algorithm for constraint checking of simple dynamic SoD at build-time[13]...

    Xiyuan Chenet al. A Directed Acyclic Graph based Detection for RBAC Based Secure

Sort by: