Static compliance checking beyond separation of duty constraints

Yang Bo; Chunhe Xia; Yang Luo; Qing Tang

doi:10.1504/IJES.2018.095021

Static compliance checking beyond separation of duty constraints

Yang Bo
, Chunhe Xia
, Yang Luo^*
, Qing Tang

^*Corresponding author for this work

Beihang University
Peking University

Research output: Contribution to journal › Article › peer-review

Abstract

Compliance requirements, such as separation of duty and binding of duty, have to be satisfied in many application domains. Existing compliance checking frameworks either have limited expressiveness or rely on model checking, which has small applicable range and low efficiency. To overcome these limitations, we improve high level expression separation of duty algebra to: 1) describe both SoD and BoD constraints to make it more expressive; 2) describe user-task relationship to perform compliance checking. In order to make the improved high level policy act on concrete process, we: 1) construct mapping rules to translate the improved high level policies to low level constraints described in description logic; 2) propose a reasoning framework to check for business process compliance. We report on the applicability of our approach via a case study.

Original language	English
Pages (from-to)	423-436
Number of pages	14
Journal	International Journal of Embedded Systems
Volume	10
Issue number	5
DOIs	https://doi.org/10.1504/IJES.2018.095021
State	Published - 2018

Keywords

Business process compliance
Description logic
Framework
High level policy
Low level constraint

Access to Document

10.1504/IJES.2018.095021

Cite this

@article{4e601197f3f44c1dae39a666fe8379b1,

title = "Static compliance checking beyond separation of duty constraints",

abstract = "Compliance requirements, such as separation of duty and binding of duty, have to be satisfied in many application domains. Existing compliance checking frameworks either have limited expressiveness or rely on model checking, which has small applicable range and low efficiency. To overcome these limitations, we improve high level expression separation of duty algebra to: 1) describe both SoD and BoD constraints to make it more expressive; 2) describe user-task relationship to perform compliance checking. In order to make the improved high level policy act on concrete process, we: 1) construct mapping rules to translate the improved high level policies to low level constraints described in description logic; 2) propose a reasoning framework to check for business process compliance. We report on the applicability of our approach via a case study.",

keywords = "Business process compliance, Description logic, Framework, High level policy, Low level constraint",

author = "Yang Bo and Chunhe Xia and Yang Luo and Qing Tang",

note = "Publisher Copyright: {\textcopyright} 2018 Inderscience Enterprises Ltd.",

year = "2018",

doi = "10.1504/IJES.2018.095021",

language = "英语",

volume = "10",

pages = "423--436",

journal = "International Journal of Embedded Systems",

issn = "1741-1068",

publisher = "Inderscience Enterprises Ltd",

number = "5",

}

TY - JOUR

T1 - Static compliance checking beyond separation of duty constraints

AU - Bo, Yang

AU - Xia, Chunhe

AU - Luo, Yang

AU - Tang, Qing

PY - 2018

Y1 - 2018

N2 - Compliance requirements, such as separation of duty and binding of duty, have to be satisfied in many application domains. Existing compliance checking frameworks either have limited expressiveness or rely on model checking, which has small applicable range and low efficiency. To overcome these limitations, we improve high level expression separation of duty algebra to: 1) describe both SoD and BoD constraints to make it more expressive; 2) describe user-task relationship to perform compliance checking. In order to make the improved high level policy act on concrete process, we: 1) construct mapping rules to translate the improved high level policies to low level constraints described in description logic; 2) propose a reasoning framework to check for business process compliance. We report on the applicability of our approach via a case study.

AB - Compliance requirements, such as separation of duty and binding of duty, have to be satisfied in many application domains. Existing compliance checking frameworks either have limited expressiveness or rely on model checking, which has small applicable range and low efficiency. To overcome these limitations, we improve high level expression separation of duty algebra to: 1) describe both SoD and BoD constraints to make it more expressive; 2) describe user-task relationship to perform compliance checking. In order to make the improved high level policy act on concrete process, we: 1) construct mapping rules to translate the improved high level policies to low level constraints described in description logic; 2) propose a reasoning framework to check for business process compliance. We report on the applicability of our approach via a case study.

KW - Business process compliance

KW - Description logic

KW - Framework

KW - High level policy

KW - Low level constraint

UR - https://www.scopus.com/pages/publications/85054586871

U2 - 10.1504/IJES.2018.095021

DO - 10.1504/IJES.2018.095021

M3 - 文章

AN - SCOPUS:85054586871

SN - 1741-1068

VL - 10

SP - 423

EP - 436

JO - International Journal of Embedded Systems

JF - International Journal of Embedded Systems

IS - 5

ER -

Static compliance checking beyond separation of duty constraints

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this