Information Flow Based Security Control Beyond RBAC |
The book shows a way of providing more refined methods of information flow control than those offered by role-based access control (RBAC). For granting access to information or resources, former or further information flow in a business process requesting this access is taken into account. The methods proposed are comparatively easy to apply and have been proven to be largely machine-executable by a prototypical realisation. As an addition, the methods are extended to be also applicable to BPEL-defined workflows in Grid and Cloud computing.
Fischer KP