User specific privacy policies for collaborative BPaaS on the example of logistics
Björn Schwarzbach, Michael Glöckner, Arkadius Schier, Marcin Robak, Bogdan Franczyk
Citation: Proceedings of the 2016 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 8, pages 1205–1213 (2016)
Abstract. Today's business is increasingly organized in collaborative networks. Although decision makers know the benefits of collaboration, they are afraid of losing control of their data, which is one of the main impediments to Cloud Computing. We propose a novel cloud-based approach for collaboration in business processes with guaranteed control of the privacy of the data. The platform ensures compliance with the companies' privacy policies and laws. The paper shows the definition of privacy policies and how they are converted into a well-established access control language. An example helps to clarify the methods.