{"id":"https://openalex.org/W1991293255","doi":"https://doi.org/10.1145/2699026.2699028","title":"Aligning Security and Business Objectives for Process-Aware Information Systems","display_name":"Aligning Security and Business Objectives for Process-Aware Information Systems","publication_year":2015,"publication_date":"2015-02-23","ids":{"openalex":"https://openalex.org/W1991293255","doi":"https://doi.org/10.1145/2699026.2699028","mag":"1991293255"},"language":"en","primary_location":{"id":"doi:10.1145/2699026.2699028","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2699026.2699028","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5112272587","display_name":"G\u00fcnter Karjoth","orcid":null},"institutions":[{"id":"https://openalex.org/I81007117","display_name":"Lucerne University of Applied Sciences and Arts","ror":"https://ror.org/04nd0xd48","country_code":"CH","type":"education","lineage":["https://openalex.org/I81007117"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"G\u00fcnter Karjoth","raw_affiliation_strings":["Lucerne University of Applied Sciences and Arts, Lucerne, Switzerland"],"affiliations":[{"raw_affiliation_string":"Lucerne University of Applied Sciences and Arts, Lucerne, Switzerland","institution_ids":["https://openalex.org/I81007117"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5112272587"],"corresponding_institution_ids":["https://openalex.org/I81007117"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.09089127,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"243","last_page":"243"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10703","display_name":"Business Process Modeling and Analysis","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/business-process-model-and-notation","display_name":"Business Process Model and Notation","score":0.7139256000518799},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6996942162513733},{"id":"https://openalex.org/keywords/business-process","display_name":"Business process","score":0.6637670397758484},{"id":"https://openalex.org/keywords/business-rule","display_name":"Business rule","score":0.6245737671852112},{"id":"https://openalex.org/keywords/business-process-modeling","display_name":"Business process modeling","score":0.6008202433586121},{"id":"https://openalex.org/keywords/artifact-centric-business-process-model","display_name":"Artifact-centric business process model","score":0.5479949116706848},{"id":"https://openalex.org/keywords/tying","display_name":"Tying","score":0.507576584815979},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49292612075805664},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.47644928097724915},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.4746941924095154},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.45939916372299194},{"id":"https://openalex.org/keywords/information-flow","display_name":"Information flow","score":0.441782146692276},{"id":"https://openalex.org/keywords/business-process-management","display_name":"Business process management","score":0.4130944609642029},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.20177790522575378},{"id":"https://openalex.org/keywords/work-in-process","display_name":"Work in process","score":0.17838114500045776},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.13323834538459778}],"concepts":[{"id":"https://openalex.org/C179299601","wikidata":"https://www.wikidata.org/wiki/Q1017605","display_name":"Business Process Model and Notation","level":5,"score":0.7139256000518799},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6996942162513733},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.6637670397758484},{"id":"https://openalex.org/C11066294","wikidata":"https://www.wikidata.org/wiki/Q1518244","display_name":"Business rule","level":4,"score":0.6245737671852112},{"id":"https://openalex.org/C207505557","wikidata":"https://www.wikidata.org/wiki/Q4374012","display_name":"Business process modeling","level":4,"score":0.6008202433586121},{"id":"https://openalex.org/C162754035","wikidata":"https://www.wikidata.org/wiki/Q17006331","display_name":"Artifact-centric business process model","level":5,"score":0.5479949116706848},{"id":"https://openalex.org/C2780938662","wikidata":"https://www.wikidata.org/wiki/Q973710","display_name":"Tying","level":2,"score":0.507576584815979},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49292612075805664},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.47644928097724915},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.4746941924095154},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.45939916372299194},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.441782146692276},{"id":"https://openalex.org/C80309976","wikidata":"https://www.wikidata.org/wiki/Q7007379","display_name":"Business process management","level":4,"score":0.4130944609642029},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.20177790522575378},{"id":"https://openalex.org/C174998907","wikidata":"https://www.wikidata.org/wiki/Q357662","display_name":"Work in process","level":2,"score":0.17838114500045776},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.13323834538459778},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2699026.2699028","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2699026.2699028","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W1976484522","https://openalex.org/W2038953226","https://openalex.org/W2074747980","https://openalex.org/W2116714932"],"related_works":["https://openalex.org/W93556318","https://openalex.org/W2150476276","https://openalex.org/W142537396","https://openalex.org/W4300427051","https://openalex.org/W2097616329","https://openalex.org/W2479849232","https://openalex.org/W2156946939","https://openalex.org/W2034761836","https://openalex.org/W2408087754","https://openalex.org/W2499897886"],"abstract_inverted_index":{"Enterprises":[0],"are":[1,72,81],"increasingly":[2],"subject":[3],"to":[4,23,56,64,115],"compliance":[5,153],"rules":[6],"that":[7],"originate":[8],"from":[9],"corporate":[10],"guidelines,":[11],"industry":[12],"sector":[13],"standards,":[14],"and":[15,71,111,117,145],"laws.":[16],"The":[17],"goal":[18],"of":[19,83,98,135,157],"access":[20,43],"control":[21,44,162],"is":[22,45],"protect":[24],"against":[25],"unauthorized":[26],"users.":[27],"However,":[28],"threats":[29],"also":[30],"often":[31],"reside":[32],"within":[33],"organizations":[34],"where":[35],"authorized":[36],"users":[37],"may":[38],"misuse":[39],"system":[40],"resources.":[41],"Although":[42],"fundamental":[46],"in":[47,107,121,128,155],"protecting":[48],"information":[49],"systems,":[50],"it":[51],"can":[52],"pose":[53],"an":[54],"obstacle":[55],"achieving":[57],"business":[58,69,104,148],"objectives.":[59],"Today,":[60],"security":[61],"policies":[62],"have":[63],"be":[65],"aligned":[66],"with":[67,152],"the":[68,92,133,141,161,165],"goals":[70],"not":[73],"anymore":[74],"a":[75,96,103],"purely":[76],"technical":[77],"issue.":[78],"Business":[79,142],"processes":[80,149],"therefore":[82],"special":[84],"interest.":[85],"When":[86],"described":[87],"by":[88,132],"workflows,":[89],"they":[90],"define":[91],"causal":[93],"dependencies":[94],"between":[95],"set":[97],"tasks,":[99],"whose":[100],"execution":[101,166],"constitutes":[102],"objective.":[105],"Already":[106],"1999,":[108],"Bertino,":[109],"Ferrari":[110],"Atluri":[112],"showed":[113],"how":[114],"specify":[116],"enforce":[118],"authorization":[119],"constraints":[120],"workflow":[122],"management":[123],"systems":[124],"[1].":[125],"But":[126],"only":[127],"recent":[129],"years,":[130],"triggered":[131],"raise":[134],"high-level":[136],"modeling":[137],"languages":[138],"such":[139],"as":[140],"Process":[143],"Model":[144],"Notation":[146],"(BPMN),":[147],"were":[150],"enhanced":[151],"requirements":[154],"terms":[156],"process":[158],"annotations,":[159],"tying":[160],"objectives":[163],"into":[164],"flow.":[167]},"counts_by_year":[{"year":2019,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}