Title: Identity business processes

Authors: Jens Müller; Klemens Böhm

Addresses: Faculty of Informatics, Karlsruhe Institute of Technology, Am Fasanengarten 5, 76131 Karlsruhe, Germany; Faculty of Informatics, Karlsruhe Institute of Technology, Am Fasanengarten 5, 76131 Karlsruhe, Germany

Abstract: To facilitate information-system security, e.g., access control or audit, the entities involved play a key role. This makes identity management an important task. The success of service-oriented architectures (SOA) has led to the development of federated identity management (FIM), to deal with the dynamic nature of SOA and to achieve economies of scale. Business processes in SOA are a composition of services provided by IT systems and manual actions performed by humans. Such compositions highly depend on the identity of participants. The identity in turn determines aspects such as preferred services or assignment of tasks. We analyse how to use FIM technologies to facilitate such identity-based compositions and identify the problems arising from this combination (business processes and FIM). Based on standards for business-process management, access control, and FIM, by carefully considering design alternatives, we propose a system architecture for the execution of identity-based business processes. The system implements FIM concepts in an application-specific way, based on declarative configuration and taking the run-time context of business processes into account. Finally, we describe our implementation of the architecture based on the ZXID open-source library and its evaluation using a case study.

Keywords: access control; federated identity management; FIM; service-oriented architecture; SOA; business process management; information systems; information security.

DOI: 10.1504/IJTMCC.2014.063274

International Journal of Trust Management in Computing and Communications, 2014 Vol.2 No.1, pp.40 - 77

Received: 27 May 2013
Accepted: 16 Jan 2014

Published online: 26 Jul 2014