Architectural Alignment of Access Control Requirements Extracted from Business Processes
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.
KeywordsSoftware Engineering; Enterprise Architecture; Zugriffskontrolle; Geschäftsprozesse; Access Control; Business Processes
PublisherKIT Scientific Publishing
Publication date and place2023
SeriesThe Karlsruhe Series on Software Design and Quality,
Maths for computer scientists