@inproceedings{01dadfa062a54a03b9020edfe673ed8d,
title = "PASOAC-net: A Petri-net model to manage authorization in service-based business process",
abstract = "A successful execution of a Business Process (BP) is possible only if the proper coordination exists between (1) BP's execution policy, (2) BP's authorization policy, and (3) the authorization policies of BP's resources. Hence, there is a need of an effective authorization model that brings all types of policies together for a BP executing successfully without breaking any authorization and business rules. This paper proposes a Petri-Net process model, Process-Aware Service-Oriented Authorization Control Net (PASOAC-Net). PASOAC-Net is developed based on the conceptual model PASOAC, an extension of Role Based Access Control (RBAC), which takes both resources and users into account. A set of authorization constraints is designed in PASOAC to coordinate the user access and the resource support in a process environment.",
author = "Haiyang Sun and Weiliang Zhao and Surya Nepal",
year = "2012",
doi = "10.1007/978-3-642-34321-6-41",
language = "English",
isbn = "9783642343209",
volume = "7636 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer, Springer Nature",
pages = "566--573",
editor = "Chengfei Liu and Heiko Ludwig and Farouk Toumani and Qi Yu",
booktitle = "Service-Oriented Computing - 10th International Conference, ICSOC 2012, Proceedings",
address = "United States",
note = "10th International Conference on Service-Oriented Computing, ICSOC 2012 ; Conference date: 12-11-2012 Through 15-11-2012",
}