CEOSIS - Controlled Evolution of Organizational Structures in Information Systems

Description

The definition and management of user privileges (e.g., to control the access to business documents and database objects, or to resolve the set of actors that qualify for a newly activated task in a process-aware information system) is an important task within any information systems. Often Role Based Access Control (RBAC) mechanisms are used to specify such user privileges as access rules based on organizational models.

While many approaches address access control in information systems, only little research effort has been spent on the evolution of organizational models and access rules. However, organizational structures are frequently subject to change (e.g., when streamlining organizations, restructuring human resources, etc.) as illustrated by Fig. 1.

Fig. 1: Changes of Organizational Structures

Thus, in the CEOSIS project, we address research questions related to evolution of organizational structures. Specifically,  we provide change frameworks for organizational models and access rules but also analyze the side effects of such changes (e.g., the effects of changing access rules on user worklists). Additionally, we deal with the whole lifecycle of access rules, including the phases depicted in Fig. 2.

 Fig. 2: Access Rule Lifecycle

Partners

  • University of Ulm
    Institute of Databases and Information Systems
  • University of Vienna
    Dept. Knowledge and Business Engineering

Duration

2005 - 2009

Additional Information

CEOSIS Overview

Publications

| 2009 | 2008 | 2007 | 2005 | 2004 |

2009

Rinderle-Ma, Stefanie and Reichert, Manfred (2009) Comprehensive Life Cycle Support for Access Rules in Information Systems: The CEOSIS Project. Enterprise Information Systems, 3(3): 219-251. file

2008

Rinderle-Ma, Stefanie and Reichert, Manfred (2008) Managing the Life Cycle of Access Rules in CEOSIS. In: Proceedings of the 12th IEEE International Enterprise Computing Conference (EDOC'08), Munich, Germany, September, 2008, IEEE Computer Society Press, pp. 257-266. file

2007

Rinderle-Ma, Stefanie and Reichert, Manfred (2007) A Formal Framework for Adaptive Access Control Models. Journal on Data Semantics IX, Springer, Vol. LNCS 4, pp. 82-112. file
Rinderle-Ma, Stefanie and van der Aalst, Wil M.P. (2007) Life-Cycle Support for Staff Assignment Rules in Process-Aware Information Systems. Technical Report 213, TU Eindhoven. file

2005

Ly, Linh Thao and Rinderle, Stefanie and Dadam, Peter and Reichert, Manfred (2005) Mining Staff Assignment Rules from Event-Based Data. In: Proc. Workshop on Business Process Intelligence (BPI) in conjunction with (BPM'05), Nancy, France, LNCS 3812, Springer, pp. 177-190. file
Rinderle, Stefanie and Reichert, Manfred (2005) On the Controlled Evolution of Access Rules in Cooperative Information Systems. In: Proc. 13th Int'l Conf. on Cooperative Information Systems (CoopIS'05) [Best Paper Award], Agia Napa, Cyprus, LNCS 3760, Springer, pp. 238-255. file

2004

Reichert, Manfred and Catrinescu-Wiedemuth, Ursula and Rinderle, Stefanie (2004) Evolution von Zugriffsregelungen in Informationssystemen. In: Proc. Conf. eBusiness Processes (EBP'04), Klagenfurt, Austria, pp. 100-114. file

Master & Bachelor Theses

| 2005 | 2002 |

2005

Ly, Linh Thao (2005) Process Mining - Bestehende Ansätze und weiterführende Aspekte. Diploma thesis, Universität Ulm. file

2002

Wiedemuth-Catrinescu, Ursula (2002) Evolution von Organisationsmodellen in Workflow-Management-Systemen. Diploma thesis, Universität Ulm. file