Results
Publications
- Andreas Schaad, Volkmar Lotz, Karsten Sohr: A model-checking approach to analysing organisational controls in a loan origination process.
ACM SACMAT 2006, pp. 139-149.
- Andreas Schaad, Karsten Sohr: A Workflow Instance-based Model-checking Approach to Analysing Organisational Controls in a Loan Origination Process.
1st International Workshop on Secure Information Systems (SIS '06). Wisla, Poland, 2006.
- Mathias Kohler, Christian Liesegang, Andreas Schaad: Classification Model for Access Control Constraints. Workshop on Information Assurance 2007, New Orleans, USA, 2007.
- A. Schaad, K. Sohr, M. Drouineaud, V. Lotz: An extended model-checking approach to intra- and inter-business process security.
2nd International Workshop on Secure Information Systems, 2007.
- A. Schaad, K. Sohr, M. Drouineaud: A Workflow-based Model-checking Approach to Inter- and Intra-analysis of Organisational Controls in Service-oriented Business Processes.
Journal of Assurance and Security, Vol. 2, Issue 1, 2007.
- K. Sohr, M. Drouineaud, G.-J. Ahn, M. Gogolla: Analyzing and Managing Role-Based Access Control Policies, IEEE Transactions on Knowledge and Data Engineering, Jan. 2008,
IEEE Computer Society Digital Library. IEEE Computer Society, 2008.
- T. Mustafa, K. Sohr, D.-H. Dang, M. Drouineaud, S. Kowski:
Implementing Advanced RBAC Administration Functionality with USE.
8th OCL Workshop at the UML/MoDELS Conferences, October 2008.
- K. Sohr, T. Mustafa, G.-J. Ahn, X. Bao:
Towards Enforcing Role-Based Access Control Policies in Web Services with UML and OCL.
24th Annual Computer Security Applications Conference, Anaheim CA, December 2008.
- Christian Wolter, Andreas Schaad, Christoph Meinel:
Task-Based Entailment Constraints for Basic Workflow Patterns.
SACMAT'08, ACM 978-1-60558-129-3/08/06.
- Mathias Kohler, Andreas Schaad:
ProActive Access Control for Business Process-driven Environments.
24th Annual Computer Security Applications Conference, Anaheim CA, December 2008.
- C. Alm: An Extensible Framework for Specifying and Reasoning About Complex Role-Based Access Control Models.
Fakultät für Informatik und Mathematik, Universität Passau, Technical Report MIP-0901, January 2009.
- Christopher Alm, Ruben Wolf: The Definition of the OPL Access Control Policy Language.
Fakultät für Informatik und Mathematik, Universität Passau, Technical Report MIP-0902, February 2009.
- Christopher Alm, Michael Drouineaud, Ute Faltin, Karsten Sohr, Ruben Wolf:
A Classification Framework Designed for Advanced Role-based Access Control Models and Mechanisms.
Technologie-Zentrum Informatik und Informationstechnik, Universität Bremen, Technical Report TZI-Bericht Nr. 51, April 2009.
Selected Deliverables
- Deliverable: Use Case Scenarios for Organizational Control with respect to Business Processes (pdf, engl.).
- Deliverable: Organisational Control (pdf, engl.).
- Deliverable: Organisational Control – Synchronization of Subject Areas (pdf, engl.).
- Deliverable: Role-based Authorization Constraints – On Classifying Authorization Constraints Approaches (pdf, engl.).
- Deliverable: Requirements for the Policy Language (pdf, engl.).
- Deliverable: Analysis of Existing Policy Languages (pdf, engl.).
- Deliverable: Transformation of OPL/XML into Enforceable Formats (pdf, engl.).
- Deliverable: Policy Enforcement – Technical Overview (pdf, engl.).
- Deliverable: Policy Enforcement – Architecture and Design (pdf, engl.).
- Deliverable: Policy Enforcement – Basic Prototype Implementation (pdf, engl.).
- Deliverable: Tool Design for Automated Legacy System Policy Analysis (pdf, engl.).
- Deliverable: Formalisms and Methods for the Validation of RBAC Policies – On Classifying Validation Methods (pdf, engl.).
- Deliverable: Requirements Analysis – Requirements for Specification of Security Policies (pdf, engl.).
- Deliverable: Requirements Analysis – Requirements for Administration of Security Policies (pdf, engl.).
Presentations