Source: Maria Leitner, Stefanie Rinderle-Ma, and Juergen Mangler. Responsibility-driven Design and Development of Process-aware Security Policies. In Sixth International Conference on Availability, Reliability and Security. 2011.
** All information below is quoted directly from the source paper; none of this is in my own words **
Security policies are a set of principles that control which subject is allowed to access which object within an information system. In PAIS, however, security policies require a more detailed definition due to the multi-faceted characteristics of such systems. Specifically, security policies in PAIS might relate to access control, control flow, information flow, data integrity, and availability.
Security aspects in security policies:
Structural Aspect: denotes a set of data objects and tasks, and how they occur in a process model.
- Responsibilities: We define a responsibility r to be a piece of data or interrelated tasks from the point of a certain role.
Operational Aspect: denotes constraints on these data objects and tasks, for example during process execution, i.e., under which circumstances something is allowed.
- Permissions: define which operations (execute, monitor) are allowed for which security objects (process execution, process model change, service selection).