Privacy-aware workflow management
| Contribuinte(s) |
Glykas, Michael |
|---|---|
| Data(s) |
2013
|
| Resumo |
Information security policies play an important role in achieving information security. Confidentiality, Integrity, and Availability are classic information security goals attained by enforcing appropriate security policies. Workflow Management Systems (WfMSs) also benefit from inclusion of these policies to maintain the security of business-critical data. However, in typical WfMSs these policies are designed to enforce the organisation’s security requirements but do not consider those of other stakeholders. Privacy is an important security requirement that concerns the subject of data held by an organisation. WfMSs often process sensitive data about individuals and institutions who demand that their data is properly protected, but WfMSs fail to recognise and enforce privacy policies. In this paper, we illustrate existing WfMS privacy weaknesses and introduce WfMS extensions required to enforce data privacy. We have implemented these extensions in the YAWL system and present a case scenario to demonstrate how it can enforce a subject’s privacy policy. |
| Formato |
application/pdf |
| Identificador | |
| Publicador |
Springer Berlin Heidelberg |
| Relação |
http://eprints.qut.edu.au/57923/3/BPM-09-06.pdf DOI:10.1007/978-3-642-28409-0_5 Alhaqbani, Bandar S., Adams, Michael J., Fidge, Colin J., & ter Hofstede, Arthur H.M. (2013) Privacy-aware workflow management. In Glykas, Michael (Ed.) Business Process Management. Springer Berlin Heidelberg, pp. 111-128. |
| Direitos |
Copyright 2013 Springer The original publication is available at SpringerLink http://www.springerlink.com |
| Fonte |
School of Electrical Engineering & Computer Science; School of Information Systems; Science & Engineering Faculty |
| Palavras-Chave | #080600 INFORMATION SYSTEMS #WorkflowManagement Systems #Privacy #Authorisation #YAWL |
| Tipo |
Book Chapter |
