@article {9268371220130801, title = {Enhancing Workflow Systems Resiliency by Using Delegation and Priority Concepts.}, journal = {Journal of Digital Information Management}, volume = {11}, number = {4}, year = {2013}, pages = {267 - 276}, abstract = {Enforcing dynamic access control constraints in workflow management systems (WFMS) is a very important requirement with regard to security issues. However, respecting those constraints may prohibit the completion of a workflow instance in the case of the lack of authorized users. Such situation is known in the literature as a WSP (Workflow Satisfiability Problem). The ability of a WFMS to use different methods to bypass a WSP situation is often seen as a resiliency property. In this work, we propose a new approach that aims to enhance the resiliency of a WFMS while meeting -at run time- the main workflow dynamic access control requirements. In fact, by using both delegation and priority concepts it is possible to find a user which is as suitable as possible to perform the current task instance with lesser security risks. [ABSTRACT FROM AUTHOR]}, keywords = {Access control, Computer security, Computer systems {\textendash} Research, Computer users, Delegation, Dynamic Access Control Constraints, Priority, Resiliency, Workflow management systems, Workflow Satisfiability Problem}, issn = {09727272}, url = {http://search.ebscohost.com/login.aspx?direct=true\&db=iih\&AN=92683712\&site=ehost-live}, author = {Bakkali, Hanan El} } @article {8999329020120801, title = {Ing{\'e}nierie des exigences de la s{\'e}curit{\'e} informatique: Revue de travaux de recherche de l{\textquoteright}{\'e}licitation {\`a} la sp{\'e}cification.}, journal = {E-Ti: E-Review in Technologies Information}, number = {6}, year = {2012}, pages = {17 - 31}, abstract = {Nowadays Security plays an important role in the development of applications because of network expansion on one side and of the importance of information on the other side. However, security requirements have long been relegated to second place compared to the functional requirements which can cause some damage to the applications. One of the challenges of current research in the area of requirement engineering is to develop simple, expressive, reliable and costless methods for expressing and modelling security requirements. One of the challenges of current research in the area of requirement engineering is to develop simple, expressive, reliable and costless methods for expressing and modelling security requirements. (English) [ABSTRACT FROM AUTHOR]}, keywords = {Computer networks, Computer security, Computer software development, Elicitation, Formal Specification, Framework de mod{\'e}lisation, Information theory, Ing{\'e}nierie des exigences, Modelling framework, Requirement Engineering, Requirements engineering, S{\'e}curit{\'e}, Security, Sp{\'e}cification formelle}, issn = {11148802}, url = {http://search.ebscohost.com/login.aspx?direct=true\&db=iih\&AN=89993290\&site=ehost-live}, author = {Kassou, Meryem and Kjiri, Laila} }