Monday, 8 November 2010

Suumery of: A Knowledge-based Security Policy Framework for Business Process Management


Title: A Knowledge-based Security Policy Framework for Business Process Management.
Authors: Dong Huang, Yi Yang, Jacques Calmet
Puplished: 2006.

This paper was more focused on the security policy and framework, the idea of it was to “gather pertinent data/knowledge from multiple stakeholders in the e- business scenario, along with constraints specified by non- functional requirements of web services and business rules”. It definition of security was only regarding access control, confidentiality, and integrity.

Section 2 talked about the agent approach for web services and introduces the principle of AOA and VKC, which is not important to us.

Section 3 outlines the requirements of the security constraints specification language for web services and introduces the principle of Constraint Interchange Format. It discussed the “Security Constraints Specification Language”, and explained the domains and levels of security framework (service domain, policy domain, rule domain, properties, and rule). Then it went technical in “interchange format”. Finally gave an example on “Framework Architecture” explaining the idea of a security framework for a BPM.

Section 4 surveys related works. And Section 5 includes the future research direction for the work and conclusion.

This paper investigated a distributed knowledge management approach to help modeling web services policies, and also proposed a representation for security constraints at the Semantic Web logic layer.

No comments:

Post a Comment