A rule-based framework using role patterns for business process compliance

Akhil Kumar, Rong Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Scopus citations

Abstract

In view of recent business scandals that prompted the Sarbanes-Oxley legislation, there is a greater need for businesses to develop systematic approaches to designing business processes that comply with organizational policies. Moreover, it should be possible to express the policy and relate it to a given process in a descriptive or declarative manner. In this paper we propose role patterns, and show how they can be associated with generic task categories and processes in order to meet standard requirements of internal control principles in businesses. We also show how the patterns can be implemented using built-in constraints in a logic-based language like Prolog. While the role patterns are general, this approach is flexible and extensible because user-defined constraints can also be asserted in order to introduce additional requirements as dictated by business policy. The paper also discusses control requirements of business processes, and explores the interactions between role based access control (RBAC) mechanisms and workflows.

Original languageEnglish (US)
Title of host publicationRule Representation, Interchange and Reasoning on the Web - International Symposium, RuleML 2008, Proceedings
Pages58-72
Number of pages15
DOIs
StatePublished - Dec 15 2008
EventInternational Symposium on Rule Representation, Interchange and Reasoning on the Web, RuleML 2008 - Orlando, FL, United States
Duration: Oct 30 2008Oct 31 2008

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5321 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

OtherInternational Symposium on Rule Representation, Interchange and Reasoning on the Web, RuleML 2008
CountryUnited States
CityOrlando, FL
Period10/30/0810/31/08

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A rule-based framework using role patterns for business process compliance'. Together they form a unique fingerprint.

  • Cite this

    Kumar, A., & Liu, R. (2008). A rule-based framework using role patterns for business process compliance. In Rule Representation, Interchange and Reasoning on the Web - International Symposium, RuleML 2008, Proceedings (pp. 58-72). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5321 LNCS). https://doi.org/10.1007/978-3-540-88808-6-9