{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,11]],"date-time":"2025-02-11T05:05:16Z","timestamp":1739250316352,"version":"3.37.0"},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2009,6,23]],"date-time":"2009-06-23T00:00:00Z","timestamp":1245715200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Inf Syst Front"],"published-print":{"date-parts":[[2011,4]]},"DOI":"10.1007\/s10796-009-9190-z","type":"journal-article","created":{"date-parts":[[2009,6,22]],"date-time":"2009-06-22T09:55:50Z","timestamp":1245664550000},"page":"171-189","source":"Crossref","is-referenced-by-count":3,"title":["Integrating constraints to support legally flexible business processes"],"prefix":"10.1007","volume":"13","author":[{"given":"Yuqing","family":"Sun","sequence":"first","affiliation":[]},{"given":"Joshua Zhexue","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Xiangxu","family":"Meng","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2009,6,23]]},"reference":[{"issue":"2","key":"9190_CR1","doi-asserted-by":"crossref","first-page":"296","DOI":"10.1109\/69.991718","volume":"14","author":"NR Adam","year":"2002","unstructured":"Adam, N. R., Atluri, V., Bertino, E., & Ferrari, E. (2002). A content-based authorization model for digital libraries. IEEE Transactions on Knowledge and Data Engineering, 14(2), 296\u2013315.","journal-title":"IEEE Transactions on Knowledge and Data Engineering"},{"issue":"4","key":"9190_CR2","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1145\/382912.382913","volume":"3","author":"G-J Ahn","year":"2000","unstructured":"Ahn, G.-J., & Sandhu, R. (2000). Role-based authorization constraints specification. ACM Transaction on Information System Security, 3(4), 207\u2013226.","journal-title":"ACM Transaction on Information System Security"},{"issue":"1","key":"9190_CR4","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1145\/300830.300837","volume":"2","author":"E Bertino","year":"1999","unstructured":"Bertino, E., Ferrari, E., & Atluri, V. (1999). The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information System Security, 2(1), 65\u2013104.","journal-title":"ACM Transactions on Information System Security"},{"key":"9190_CR5","doi-asserted-by":"crossref","unstructured":"Chaari, S., Biennier, F., Ben Amar, C., & Favrel, J. (2004). An authorization and access control model for workflow. In Proceedings of the 1st international workshop on computer supported activity coordination, Porto, Portugal (pp. 21\u201330).","DOI":"10.1109\/ISCCSP.2004.1296239"},{"key":"9190_CR6","doi-asserted-by":"crossref","first-page":"184","DOI":"10.1109\/SP.1987.10001","volume-title":"Proceedings of the 1987 IEEE symposium on security and privacy","author":"DD Clark","year":"1987","unstructured":"Clark, D. D., & Wilson, D. R. (1987). A comparision of commercial and military computer security policies. In Proceedings of the 1987 IEEE symposium on security and privacy (pp. 184\u2013194). Silver Spring: IEEE Computer Society Press."},{"key":"9190_CR7","doi-asserted-by":"crossref","unstructured":"Georgiadis, C. K., Mavridis, I., Pangalos, G., & Thomas, R. K. (2001). Flexible team-based access control using context. In Proceeding of ACM symposium on accesss control models and technoloy (pp. 21\u201327). Chantilly, VA.","DOI":"10.1145\/373256.373259"},{"issue":"5","key":"9190_CR8","doi-asserted-by":"crossref","first-page":"335","DOI":"10.1007\/s10796-006-9010-7","volume":"8","author":"LA Gordon","year":"2006","unstructured":"Gordon, L. A., & Loeb, M. P. (2006). Economic aspects of information security: An emerging field of research. Information Systems Frontiers, 8(5), 335\u2013337.","journal-title":"Information Systems Frontiers"},{"key":"9190_CR9","first-page":"256","volume-title":"Proceedings of 3rd international conference on trust management (iTrust 2005), LNCS (Vol. 3477)","author":"H Koshutanski","year":"2005","unstructured":"Koshutanski, H., & Massacci, F. (2005a). Interactive credential negotiation for stateful business processes. In Proceedings of 3rd international conference on trust management (iTrust 2005), LNCS (Vol. 3477, pp. 256\u2013272). Rocquencourt: Springer."},{"key":"9190_CR10","doi-asserted-by":"crossref","unstructured":"Koshutanski, H., & Massacci, F. (2005b). An access control framework for business processes for web services. In Proceedings of ACM workshop on xml security, Fairfax VA, USA (pp. 15\u201324).","DOI":"10.1145\/968559.968562"},{"key":"9190_CR11","doi-asserted-by":"crossref","unstructured":"Li, N., Tripunitara, M. V., & Wang, Q. (2006). Resiliency policies in access control. In Proc. ACM conference on computer and communications security (pp. 113\u2013123).","DOI":"10.1145\/1180405.1180421"},{"issue":"1","key":"9190_CR12","first-page":"21","volume":"35","author":"PJ Mangan","year":"2002","unstructured":"Mangan, P. J., & Sadiq, S. (2002). A constraints specification approach to building flexible workflows. Journal of Research and Practice in Information Technology, 35(1), 21\u201339.","journal-title":"Journal of Research and Practice in Information Technology"},{"key":"9190_CR13","doi-asserted-by":"crossref","first-page":"533","DOI":"10.1016\/S0306-4379(02)00029-7","volume":"28","author":"S Oh","year":"2003","unstructured":"Oh, S., & Park, S. (2003). Task-role-based access control model. Journal of Information System, 28, 533\u2013562.","journal-title":"Journal of Information System"},{"issue":"3","key":"9190_CR14","doi-asserted-by":"crossref","first-page":"20","DOI":"10.4018\/jwsr.2008070102","volume":"5","author":"F Paci","year":"2008","unstructured":"Paci, F., Bertino, E., & Crampton, J. (2008a). An access-control framework for WS-BPEL. International Journal of Web Service Research 5(3), 20\u201343.","journal-title":"International Journal of Web Service Research"},{"key":"9190_CR15","doi-asserted-by":"crossref","unstructured":"Paci, F., Ferrini, R., Sun, Y. Q., & Bertino, E. (2008b). Authorization and user failure resiliency for WS-BPEL business processes. In Proceeding of the 6 th international conference on service oriented computing, University of Technology, Sydney, Ultimo City (pp. 116\u2013131).","DOI":"10.1007\/978-3-540-89652-4_12"},{"issue":"2","key":"9190_CR16","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R Sandhu","year":"1996","unstructured":"Sandhu, R., Coyne, E., Feinstein, H., & Youman, C. (1996). Rose-based access control model. IEEE Computer, 29(2), 38\u201347.","journal-title":"IEEE Computer"},{"key":"9190_CR17","unstructured":"Sun, Y. Q., & Pan, P. (2005). PRES-A practical flexible RBAC workflow system. In Proceedings of the 7 th international conference on electronic commerce, Xi\u2019an, China (pp. 653\u2013658)."},{"key":"9190_CR18","unstructured":"Thomas, R. (1997). Team-based access control. In Proceeding of 2 nd ACM workshop on role-based access control, Fairfax VA (pp. 13\u201319)."},{"key":"9190_CR19","unstructured":"Thomas, R. K., & Sandhu, R. (1997). Task-based authorization controls (TBAC): A family of models for active and enterprise-oriented autorization management. In Proceedings of the IFIP 11th international conference on database securty XI (pp. 166\u2013181)."},{"issue":"1","key":"9190_CR20","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1145\/1057977.1057979","volume":"37","author":"W Tolone","year":"2005","unstructured":"Tolone, W., Ahn, G., Pai, T., & Hong, S. P. (2005). Access control in collaberative systems. ACM Computing Survey 37(1), 29\u201341.","journal-title":"ACM Computing Survey"},{"key":"9190_CR21","unstructured":"van der Aalst, W. M. P. (1996). Three good reasons for using petri net-based workflow management system. In Proceedings of the international workflow conference on information and process integration in enterprises (IPIC\u201996) (pp. 179\u2013201)."},{"key":"9190_CR22","doi-asserted-by":"crossref","unstructured":"van der Aalst, W. M. P. & Berens, P. J. S. (2001). Beyond workflow management: Product-driven case handing. In Proceeding of ACM conference on supporting group work, Boulder, Colorado (pp. 42\u201351).","DOI":"10.1145\/500286.500296"},{"key":"9190_CR23","unstructured":"van der Aalst, W. M. P. & Jablonski, S. (Eds.) (2000). Flexible workflow technology driving the networked economy. International Journal of Computer Systems, Science, and Engineering, 15(5, special issue)."},{"key":"9190_CR24","volume-title":"Workflow management models, methods, and systems","author":"W Aalst van der","year":"2004","unstructured":"van der Aalst, W., & van Hee, K. (2004). Workflow management models, methods, and systems. Cambridge: MIT."},{"key":"9190_CR25","doi-asserted-by":"crossref","unstructured":"Wang, Q., & Li, N. (2007). Satisfiability and resiliency in workflow systems. In Proc. European symp. on research in computer security (ESORICS) (pp.\u00a090\u2013105).","DOI":"10.1007\/978-3-540-74835-9_7"},{"issue":"4","key":"9190_CR26","doi-asserted-by":"crossref","first-page":"391","DOI":"10.1007\/s10796-007-9042-7","volume":"9","author":"X Yu","year":"2007","unstructured":"Yu, X., et al. (2007). A model-driven development framework for enterprise web services. Information Systems Frontiers, 9(4), 391\u2013409.","journal-title":"Information Systems Frontiers"},{"key":"9190_CR27","isbn-type":"print","volume-title":"The theory and apllication of petri-net","author":"Z Yuan","year":"2005","unstructured":"Yuan, Z. (2005). The theory and apllication of petri-net. Beijing: Electronic Industry Publishing Company. ISBN 7-121-00970-6.","ISBN":"https:\/\/id.crossref.org\/isbn\/7121009706"},{"key":"9190_CR28","unstructured":"Zhang, X.\u00a0P., Cerone, A., & Krishnan, P. (2006). Verifying BPEL workflows under authorisation constraints. In Proceedings of fourth international conference on business process management (BPM 2006). Vienna, Austria."},{"key":"9190_CR29","unstructured":"Zisman, M.\u00a0D. (1977). Representation, specification and automation of office procedures. PhD theses. Philadelphia: University of Pennsylvania Wharton School of Business."}],"container-title":["Information Systems Frontiers"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-009-9190-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10796-009-9190-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-009-9190-z","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,10]],"date-time":"2025-02-10T07:55:26Z","timestamp":1739174126000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10796-009-9190-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,6,23]]},"references-count":28,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2011,4]]}},"alternative-id":["9190"],"URL":"https:\/\/doi.org\/10.1007\/s10796-009-9190-z","relation":{},"ISSN":["1387-3326","1572-9419"],"issn-type":[{"type":"print","value":"1387-3326"},{"type":"electronic","value":"1572-9419"}],"subject":[],"published":{"date-parts":[[2009,6,23]]}}}