BP-XACML: An authorisation policy language for business processes

Alissa, Khalid, Reid, Jason, Dawson, Ed, & Salim, Farzad (2015) BP-XACML: An authorisation policy language for business processes. In Foo, Ernest & Stebila, Douglas (Eds.) Information Security and Privacy: 20th Australasian Conference, ACISP 2015, Proceedings [Lecture Notes in Computer Science, Volume 9144], Springer, QUT Gardens Point, Brisbane, Australia, pp. 307-325.




XACML has become the de facto standard for enterprise-wide, policy-based access control. It is a structured, extensible language that can express and enforce complex access control policies. There have been several efforts to extend XACML to support specific authorisation models, such as the OASIS RBAC profile to support Role Based Access Control. A number of proposals for authorisation models that support business processes and workflow systems have also appeared in the literature. However, there is no published work describing an extension to allow XACML to be used as a policy language with these models. This paper analyses the specific requirements of a policy language to express and enforce business process authorisation policies. It then introduces BP-XACML, a new profile that extends the RBAC profile for XACML so it can support business process authorisation policies. In particular, BP-XACML supports the notion of tasks, and constraints at the level of a task instance, which are important requirements in enforcing business process authorisation policies.


ID Code: 83935
Item Type: Conference Paper
Refereed: No
Keywords: Authorisation policy language, Authorisation management, XACML, BPM, Workflow, Business Process
DOI: 10.1007/978-3-319-19962-7_18
ISBN: 978-3-319-19961-0
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000)
Divisions: Past > Schools > Computer Science
Current > Institutes > Institute for Future Environments
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2015 [please consult the authors]
Deposited On: 06 May 2015 03:30
Last Modified: 24 Jun 2017 17:01
