The Proviado Access Control Model for Business Process Monitoring Components
AbstractIntegrated process support is highly desirable in environments where data related to a particular business process are scattered over distributed, heterogeneous information systems. A business process monitoring component is a much-needed module in order to provide an integrated view on all these process data. Regarding process visualisation and process data integration, access control (AC) issues are very important but also quite complex to be addressed. A major problem arises from the fact that the involved information systems are usually based on heterogeneous AC components. For several reasons, the only feasible way to tackle the problem of AC at the process monitoring level is to define access rights for the process monitoring component, hence getting rid of the burden to map access rights from the information system level. This paper presents the Proviado process visualisation framework and discusses requirements for AC in process monitoring, which we derived from our case studies in the automotive domain. It then presents alternative approaches for AC: the view-based and the object-based approach. The latter is retained, and a core AC model is proposed for the definition of access rights that meet the derived requirements. AC mechanisms provided within the core model are key ingredients for the definition of model extensions.
Authors who publish with this journal agree to the following terms: Authors retain copyright and grant the journal 'Enterprise Modelling and Information Systems Architectures - International Journal of Conceptual Modeling' and the Gesellschaft für Informatik e.V. (GI) the permission of first publication, and the non-exclusive, irrevocable and non-time limited publication permission for the submitted work including the permissions to store, copy, distribute and reproduce their work in printed and electronic form for the duration of the legal copyright. This includes the right of translation. Authors grant the journal 'Enterprise Modelling and Information Systems Architectures - International Journal of Conceptual Modeling' and the Gesellschaft für Informatik e.V. (GI) the permission to license their work under a Creative Commons BY-SA 4.0 license that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book) given an acknowledgement of its initial publication in this journal.
Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access). The submitting corresponding author on behalf of all co-authors asserts that she/he is entitled to the granting of the above mentioned permissions for the submitted work.