Separation of duties as a service

David Basin, Samuel J. Burri, Günter Karjoth
2011 Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS '11  
We introduce the concept of Separation of Duties (SoD) as a Service, a new approach to enforce SoD requirements on workflows and thereby prevent fraud and errors. SoD as a Service facilitates a separation of concern between business experts and security professionals. Moreover, it allows enterprises to address the need for internal controls and to quickly adapt to organizational, regulatory, and technological changes, which are common characteristics of today's dynamic business environments. We describe our implementation of SoD as a Service, which extends a widespread, commercial workflow system. We validate our approach and implementation with a realistic case study, a drug dispensation workflow deployed in a hospital.

* The research leading to these results has received funding from the European Community's Seventh Framework Programme (FP7/2007-2013) under grant agreement N° 216917.
doi:10.1145/1966913.1966972 dblp:conf/ccs/BasinBK11 fatcat:urodyxjce5cq5oq7utn4npxo5q