Static compliance checking beyond separation of duty constraints

Yang Bo; Chunhe Xia; Yang Luo; Qing Tang

doi:10.1109/3PGCIC.2014.53

Static compliance checking beyond separation of duty constraints

Yang Bo
, Chunhe Xia
, Yang Luo
, Qing Tang

Beijing Key Laboratory of Network Technology
Beihang University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

In many application domains, processes often have to comply with business level rules and policies, called compliance constraint. Separation of duty requirement is one of such constraint, and enhancement measures are taken to make sure the business process is compliance with the constraints. Separation of duty Algebra is a high level policy designed to specify Separation of duty constraints, which can describe both quantification requirements and qualification requirements. In this article, we improve the high level description SoDA by involving task information. The improved specification expresses relations between user and task, describes bind of duty constraint beyond separation of duty. In order to make the high level policy act on concrete process, we proceed by constructing mapping rules to translate high level policies to low level constraints, which is representing by Description Logic. Then, we propose a framework for business process compliance checking. At last we give a case study to show the suitably of the method.

Original language	English
Title of host publication	Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014
Editors	Leonard Barolli, Jin Li, Marek R. Ogiela, Fatos Xhafa, Tomoki Yoshihisa
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	171-178
Number of pages	8
ISBN (Electronic)	9781479941711
DOIs	https://doi.org/10.1109/3PGCIC.2014.53
State	Published - 27 Jan 2014
Event	9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014 - Guangzhou, Guangdong, China Duration: 8 Nov 2014 → 10 Nov 2014

Publication series

Name	Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014

Conference

Conference	9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014
Country/Territory	China
City	Guangzhou, Guangdong
Period	8/11/14 → 10/11/14

Keywords

business process compliance
description logic
framework
high level policy
low level constriant

Access to Document

10.1109/3PGCIC.2014.53

Cite this

Bo, Y., Xia, C., Luo, Y., & Tang, Q. (2014). Static compliance checking beyond separation of duty constraints. In L. Barolli, J. Li, M. R. Ogiela, F. Xhafa, & T. Yoshihisa (Eds.), Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014 (pp. 171-178). Article 7024576 (Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/3PGCIC.2014.53

Bo, Yang ; Xia, Chunhe ; Luo, Yang et al. / Static compliance checking beyond separation of duty constraints. Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014. editor / Leonard Barolli ; Jin Li ; Marek R. Ogiela ; Fatos Xhafa ; Tomoki Yoshihisa. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 171-178 (Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014).

@inproceedings{30bf11e2ea2a4a77b3518a5abd33a0f8,

title = "Static compliance checking beyond separation of duty constraints",

abstract = "In many application domains, processes often have to comply with business level rules and policies, called compliance constraint. Separation of duty requirement is one of such constraint, and enhancement measures are taken to make sure the business process is compliance with the constraints. Separation of duty Algebra is a high level policy designed to specify Separation of duty constraints, which can describe both quantification requirements and qualification requirements. In this article, we improve the high level description SoDA by involving task information. The improved specification expresses relations between user and task, describes bind of duty constraint beyond separation of duty. In order to make the high level policy act on concrete process, we proceed by constructing mapping rules to translate high level policies to low level constraints, which is representing by Description Logic. Then, we propose a framework for business process compliance checking. At last we give a case study to show the suitably of the method.",

keywords = "business process compliance, description logic, framework, high level policy, low level constriant",

author = "Yang Bo and Chunhe Xia and Yang Luo and Qing Tang",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014 ; Conference date: 08-11-2014 Through 10-11-2014",

year = "2014",

month = jan,

day = "27",

doi = "10.1109/3PGCIC.2014.53",

language = "英语",

series = "Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "171--178",

editor = "Leonard Barolli and Jin Li and Ogiela, \{Marek R.\} and Fatos Xhafa and Tomoki Yoshihisa",

booktitle = "Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014",

address = "美国",

}

Bo, Y , Xia, C, Luo, Y & Tang, Q 2014, Static compliance checking beyond separation of duty constraints. in L Barolli, J Li, MR Ogiela, F Xhafa & T Yoshihisa (eds), Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014., 7024576, Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014, Institute of Electrical and Electronics Engineers Inc., pp. 171-178, 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014, Guangzhou, Guangdong, China, 8/11/14. https://doi.org/10.1109/3PGCIC.2014.53

Static compliance checking beyond separation of duty constraints. / Bo, Yang ; Xia, Chunhe; Luo, Yang et al.
Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014. ed. / Leonard Barolli; Jin Li; Marek R. Ogiela; Fatos Xhafa; Tomoki Yoshihisa. Institute of Electrical and Electronics Engineers Inc., 2014. p. 171-178 7024576 (Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Static compliance checking beyond separation of duty constraints

AU - Bo, Yang

AU - Xia, Chunhe

AU - Luo, Yang

AU - Tang, Qing

PY - 2014/1/27

Y1 - 2014/1/27

N2 - In many application domains, processes often have to comply with business level rules and policies, called compliance constraint. Separation of duty requirement is one of such constraint, and enhancement measures are taken to make sure the business process is compliance with the constraints. Separation of duty Algebra is a high level policy designed to specify Separation of duty constraints, which can describe both quantification requirements and qualification requirements. In this article, we improve the high level description SoDA by involving task information. The improved specification expresses relations between user and task, describes bind of duty constraint beyond separation of duty. In order to make the high level policy act on concrete process, we proceed by constructing mapping rules to translate high level policies to low level constraints, which is representing by Description Logic. Then, we propose a framework for business process compliance checking. At last we give a case study to show the suitably of the method.

AB - In many application domains, processes often have to comply with business level rules and policies, called compliance constraint. Separation of duty requirement is one of such constraint, and enhancement measures are taken to make sure the business process is compliance with the constraints. Separation of duty Algebra is a high level policy designed to specify Separation of duty constraints, which can describe both quantification requirements and qualification requirements. In this article, we improve the high level description SoDA by involving task information. The improved specification expresses relations between user and task, describes bind of duty constraint beyond separation of duty. In order to make the high level policy act on concrete process, we proceed by constructing mapping rules to translate high level policies to low level constraints, which is representing by Description Logic. Then, we propose a framework for business process compliance checking. At last we give a case study to show the suitably of the method.

KW - business process compliance

KW - description logic

KW - framework

KW - high level policy

KW - low level constriant

UR - https://www.scopus.com/pages/publications/84946688919

U2 - 10.1109/3PGCIC.2014.53

DO - 10.1109/3PGCIC.2014.53

M3 - 会议稿件

AN - SCOPUS:84946688919

T3 - Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014

SP - 171

EP - 178

BT - Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014

A2 - Barolli, Leonard

A2 - Li, Jin

A2 - Ogiela, Marek R.

A2 - Xhafa, Fatos

A2 - Yoshihisa, Tomoki

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014

Y2 - 8 November 2014 through 10 November 2014

ER -

Bo Y , Xia C, Luo Y, Tang Q. Static compliance checking beyond separation of duty constraints. In Barolli L, Li J, Ogiela MR, Xhafa F, Yoshihisa T, editors, Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 171-178. 7024576. (Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014). doi: 10.1109/3PGCIC.2014.53

Static compliance checking beyond separation of duty constraints

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this