A generic business artifacts based authorization framework for cross-enterprise collaboration

Abstract

Business artifacts provide an approach to Business Process Management that combines data and process in a holistic way. Previous research introduced artifact-centric Interoperation Hubs (I-Hubs) as a data-centric alternative to conventional service orchestration for enabling the cooperative interaction of multiple organizations with shared business objectives. The current paper extends this vision by describing an approach for implementing I-Hubs that supports rich access control mechanisms. This reflects the data-process duality of business artifacts, the approach borrows from access control disciplines for both data and process. The paper describes how the approach is being applied in connection with two models for artifact lifecycles, a procedural one based on finite state machines and a declarative one based on guards, stages, and milestones. © 2012 IEEE.