Security Controls in Collaborative Business Processes

Abstract

Virtual Organisations (VOs) are collaborative environments, encompassing different autonomous partners responding to a business opportunity with a focus on automation and flexibility. These are the sort of scenarios researched specifically in the EU IST project TrustCoM. Collaborative business processes are identified as the integrating component bringing together other required VO components and subsystems such as a policy infrastructure or contract management while still meeting the requirements regarding flexibility. eBusiness in such a complex, evolving environment as the one encountered in VOs can only prosper with an integrated security model, supporting various classes of VOs or catering for VOs forming in different business segments, for instance aggregated service provisioning or collaborative engineering. Such an integrated security model has to take the integrating component, collaborative business processes into account as well. This contribution deals particularly with the security model on the VO’s enterprise layer. A business process model, offering means to controllably expose organisation internal processes is extended to interface with other security and contract management related VO subsystems (such as the policy infrastructure). The extended business process model supports process context aware security controls for and towards those subsystems within executable collaborative process instances.KeywordsBusiness ProcessSecurity RequirementBusiness Process ModelProcess InstanceBusiness ObjectiveThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.