{"id":"https://openalex.org/W1599335543","doi":"https://doi.org/10.1007/978-3-8348-9283-6_24","title":"Managing business compliance using model-driven security management","display_name":"Managing business compliance using model-driven security management","publication_year":2009,"publication_date":"2009-03-06","ids":{"openalex":"https://openalex.org/W1599335543","doi":"https://doi.org/10.1007/978-3-8348-9283-6_24","mag":"1599335543"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-8348-9283-6_24","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-8348-9283-6_24","pdf_url":null,"source":{"id":"https://openalex.org/S4306464255","display_name":"Vieweg+Teubner eBooks","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"ebook platform"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ISSE 2008 Securing Electronic Business Processes","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040060768","display_name":"Ulrich Lang","orcid":"https://orcid.org/0000-0001-7166-0805"},"institutions":[{"id":"https://openalex.org/I4210108377","display_name":"ObjectSecurity (United Kingdom)","ror":"https://ror.org/01hwhvh84","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210108377"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Ulrich Lang","raw_affiliation_strings":["St. John\u2019s Innovation Centre, ObjectSecurity Ltd, Cambridge, UK","ObjectSecurity Ltd"],"affiliations":[{"raw_affiliation_string":"St. John\u2019s Innovation Centre, ObjectSecurity Ltd, Cambridge, UK","institution_ids":["https://openalex.org/I4210108377"]},{"raw_affiliation_string":"ObjectSecurity Ltd","institution_ids":["https://openalex.org/I4210108377"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018767285","display_name":"Rudolf Schreiner","orcid":null},"institutions":[{"id":"https://openalex.org/I4210108377","display_name":"ObjectSecurity (United Kingdom)","ror":"https://ror.org/01hwhvh84","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210108377"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Rudolf Schreiner","raw_affiliation_strings":["St. John\u2019s Innovation Centre, ObjectSecurity Ltd, Cambridge, UK","ObjectSecurity Ltd"],"affiliations":[{"raw_affiliation_string":"St. John\u2019s Innovation Centre, ObjectSecurity Ltd, Cambridge, UK","institution_ids":["https://openalex.org/I4210108377"]},{"raw_affiliation_string":"ObjectSecurity Ltd","institution_ids":["https://openalex.org/I4210108377"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5040060768"],"corresponding_institution_ids":["https://openalex.org/I4210108377"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.13943686,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"231","last_page":"241"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10703","display_name":"Business Process Modeling and Analysis","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5744770765304565},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.5308692455291748},{"id":"https://openalex.org/keywords/business-process","display_name":"Business process","score":0.5257894992828369},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.49387770891189575},{"id":"https://openalex.org/keywords/entitlement","display_name":"Entitlement (fair division)","score":0.43553900718688965},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.43236157298088074},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.4304054379463196},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4127388894557953},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4062860608100891},{"id":"https://openalex.org/keywords/work-in-process","display_name":"Work in process","score":0.10572671890258789}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5744770765304565},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.5308692455291748},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.5257894992828369},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.49387770891189575},{"id":"https://openalex.org/C94982200","wikidata":"https://www.wikidata.org/wiki/Q5380545","display_name":"Entitlement (fair division)","level":2,"score":0.43553900718688965},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.43236157298088074},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.4304054379463196},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4127388894557953},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4062860608100891},{"id":"https://openalex.org/C174998907","wikidata":"https://www.wikidata.org/wiki/Q357662","display_name":"Work in process","level":2,"score":0.10572671890258789},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-3-8348-9283-6_24","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-8348-9283-6_24","pdf_url":null,"source":{"id":"https://openalex.org/S4306464255","display_name":"Vieweg+Teubner eBooks","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"ebook platform"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ISSE 2008 Securing Electronic Business Processes","raw_type":"book-chapter"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6100000143051147,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":3,"referenced_works":["https://openalex.org/W1544658515","https://openalex.org/W2153074919","https://openalex.org/W2496062467"],"related_works":["https://openalex.org/W2063316462","https://openalex.org/W2034317015","https://openalex.org/W2488921877","https://openalex.org/W2409582990","https://openalex.org/W2040587586","https://openalex.org/W2727829150","https://openalex.org/W2809330582","https://openalex.org/W141185668","https://openalex.org/W1976606351","https://openalex.org/W2385190058"],"abstract_inverted_index":{"Compliance":[0,112],"with":[1,22],"regulatory":[2,23],"and":[3,27,34,42,68,89,110,147,181,185,209],"governance":[4],"standards":[5],"is":[6,19,51,66,105,114,133,166],"rapidly":[7],"becoming":[8],"one":[9],"of":[10,14,47,63,137,179],"the":[11,53,75,93,138,198,219],"hot":[12],"topics":[13],"information":[15],"security":[16,90,95],"today.":[17],"This":[18,72],"because,":[20],"especially":[21],"compliance,":[24,205],"both":[25],"business":[26],"government":[28],"have":[29],"to":[30,79,119,122],"expect":[31],"large":[32],"financial":[33],"reputational":[35],"losses":[36],"if":[37],"compliance":[38,88,124],"cannot":[39],"be":[40,80,120],"ensured":[41],"demonstrated.":[43],"One":[44],"major":[45],"difficulty":[46],"implementing":[48],"such":[49],"regulations":[50],"caused":[52],"fact":[54],"that":[55,65,74,92,171],"they":[56],"are":[57],"captured":[58],"at":[59,125],"a":[60,83,215],"high":[61],"level":[62],"abstraction":[64],"business-centric":[67],"not":[69],"IT":[70,94,142,145],"centric.":[71],"means":[73],"abstract":[76],"intent":[77],"needs":[78],"translated":[81],"in":[82,117,129,218],"trustworthy,":[84],"traceable":[85],"way":[86],"into":[87],"policies":[91,146],"infrastructure":[96],"can":[97,149,172],"enforce.":[98],"Carrying":[99],"out":[100],"this":[101,193],"mapping":[102],"process":[103],"manually":[104],"time":[106],"consuming,":[107],"maintenance-intensive,":[108],"costly,":[109],"error-prone.":[111],"monitoring":[113],"also":[115],"critical":[116],"order":[118],"able":[121],"demonstrate":[123],"any":[126],"given":[127],"point":[128],"time.":[130],"The":[131],"problem":[132],"further":[134],"complicated":[135],"because":[136],"need":[139],"for":[140,204],"business-driven":[141],"agility,":[143],"where":[144],"enforcement":[148],"change":[150],"frequently,":[151],"e.g.":[152],"Business":[153],"Process":[154],"Modelling":[155],"(BPM)":[156],"driven":[157],"Service":[158],"Oriented":[159],"Architecture":[160],"(SOA).":[161],"Model":[162,201],"Driven":[163,202],"Security":[164,203],"(MDS)":[165],"an":[167,177,207],"innovative":[168],"technology":[169],"approach":[170],"solve":[173],"these":[174],"problems":[175],"as":[176,212,214],"extension":[178],"identity":[180],"access":[182],"management":[183,187],"(IAM)":[184],"authorization":[186],"(also":[188],"called":[189],"entitlement":[190],"management).":[191],"In":[192],"paper":[194],"we":[195],"will":[196],"illustrate":[197],"theory":[199],"behind":[200],"provide":[206],"improved":[208],"extended":[210],"architecture,":[211],"well":[213],"case":[216],"study":[217],"healthcare":[220],"industry":[221],"using":[222],"our":[223],"OpenPMF":[224],"2.0":[225],"technology.":[226]},"counts_by_year":[{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}