Article: Static compliance checking beyond separation of duty constraints Journal: International Journal of Embedded Systems (IJES) 2018 Vol.10 No.5 pp.423 - 436 Abstract: Compliance requirements, such as separation of duty and binding of duty, have to be satisfied in many application domains. Existing compliance checking frameworks either have limited expressiveness or rely on model checking, which has small applicable range and low efficiency. To overcome these limitations, we improve high level expression separation of duty algebra to: 1) describe both SoD and BoD constraints to make it more expressive; 2) describe user-task relationship to perform compliance checking. In order to make the improved high level policy act on concrete process, we: 1) construct mapping rules to translate the improved high level policies to low level constraints described in description logic; 2) propose a reasoning framework to check for business process compliance. We report on the applicability of our approach via a case study. Inderscience Publishers - linking academia, business and industry through research

Title: Static compliance checking beyond separation of duty constraints

Authors: Yang Bo; Chunhe Xia; Yang Luo; Qing Tang

Addresses: School of Computer Science and Engineering, Beijing Key Laboratory of Network Technology, Beihang University, XueYuan Road No. 37, HaiDian District, 100191, Beijing, China ' School of Computer Science and Engineering, Beijing Key Laboratory of Network Technology, Beihang University, XueYuan Road No. 37, HaiDian District, 100191, Beijing, China ' School of Software and Microelectronics, Peking University, Yiheyuan Road No. 5, Haidian District, 100871, Beijing, China; School of Computer Science and Engineering, Beijing Key Laboratory of Network Technology, Beihang University, XueYuan Road No. 37, HaiDian District, 100191, Beijing, China ' School of Software and Microelectronics, Peking University, Yiheyuan Road No. 5, Haidian District, 100871, Beijing, China; School of Computer Science and Engineering, Beijing Key Laboratory of Network Technology, Beihang University, XueYuan Road No. 37, HaiDian District, 100191, Beijing, China

Abstract: Compliance requirements, such as separation of duty and binding of duty, have to be satisfied in many application domains. Existing compliance checking frameworks either have limited expressiveness or rely on model checking, which has small applicable range and low efficiency. To overcome these limitations, we improve high level expression separation of duty algebra to: 1) describe both SoD and BoD constraints to make it more expressive; 2) describe user-task relationship to perform compliance checking. In order to make the improved high level policy act on concrete process, we: 1) construct mapping rules to translate the improved high level policies to low level constraints described in description logic; 2) propose a reasoning framework to check for business process compliance. We report on the applicability of our approach via a case study.

Keywords: business process compliance; high level policy; low level constraint; description logic; framework.

DOI: 10.1504/IJES.2018.095019

International Journal of Embedded Systems, 2018 Vol.10 No.5, pp.423 - 436

Received: 29 Jan 2015
Accepted: 05 Apr 2015
Published online: 01 Oct 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Static compliance checking beyond separation of duty constraints

Keep up-to-date