Auflistung nach Autor:in "Strembeck, Mark"
1 - 8 von 8
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragExtending BPEL4WS for multiple instantiation(Informatik 2004, Informatik verbindet, Band 2, Beiträge der 34. Jahrestagung der Gesellschaft für Informatik e.V. (GI), 2004) Mendling, Jan; Strembeck, Mark; Neumann, GustafA means to define multiple activity instantiation is an important feature of a business process modelling language. In this paper we suggest to extend BPEL4WS with structured activities for multiple instantiation. In particular, we propose to extend BPEL4WS with a collect and a broadcast activity to model multiple instance behavior as well as array data structures to handle messages of multiple parties that act according to the same role.
- KonferenzbeitragFindings from an experiment on flow direction of business process models(Enterprise modelling and information systems architectures, 2015) Figl, Kathrin; Strembeck, MarkA core aspect of diagrammatic process modeling is the visualization of the logical and temporal order in which tasks are to be performed in a process. While conventions and guidelines exist that promote modeling processes from left-to-right or from top-to-bottom, no empirically validated design rationale can be provided for this choice so far. Therefore, this paper seeks to determine whether some flow directions are better than others from a cognitive point of view. We present the results of a controlled pilot experiment comparing the effects of four flow directions (left-to-right, right-to-left, top-to-bottom, bottom-to-top) on process model comprehension with a small sample size of 44 participants. Although there is a variety of theoretical arguments which support the use of a left-to-right flow direction as convention for process models, the preliminary empirical results of the pilot experiment were less clear-cut and showed that model readers also adapted well to uncommon reading directions.
- KonferenzbeitragKaskadierender Widerruf von Delegationen in prozessbasierten Informationssystemen(Informatik 2014, 2014) Hopfmüller, David; Schefer-Wenzl, Sigrid; Strembeck, MarkDas BusinessActivities Framework stellt einen integrierten, modellgetriebenen Ansatz zur Modellierung von Sicherheitseigenschaften für prozessbasierte Informationssysteme zur Verfügung. Ein wichtiger Teil des BusinessActivity Frameworks ermöglicht die Modellierung von rollenbasierten Zugriffskontrollmodellen. In diesem Kontext ist auch die Möglichkeit zur Delegation von Rollen und Rechten vorgesehen. Der vorliegende Beitrag erweitert den Ansatz um einen Algorithmus für den kaskadierenden Widerruf von Delegationen. Der Ansatz umfasst eine prototypische Implementierung, die als Erweiterung der BusinessActivity LRE (von engl.: Library and Runtime Engine) fungiert.
- ZeitschriftenartikelModellierungsunterstützung für die rollenbasierte Delegation in prozessgestützten Informationssystemen(Wirtschaftsinformatik: Vol. 56, No. 4, 2014) Schefer-Wenzl, Sigrid; Strembeck, MarkDer Beitrag stellt einen integrierten Ansatz für die Modellierung und Durchsetzung von Delegationsrichtlinien in prozessbasierten Informationssystemen vor. In diesem Kontext wird eine entsprechende Erweiterung für rollenbasierte Zugriffskontrollmodelle (RBAC) beschrieben. Diese Erweiterung ist insofern generisch, als sie prinzipiell verwendet werden kann, um beliebige prozessbasierte Informationssysteme oder Prozessmodellierungssprachen mit Konstrukten für RBAC-Delegationsmodelle zu erweitern. Des weiteren befasst sich der Beitrag mit der Identifikation delegationsbezogener Konflikte sowie den zugehörigen Lösungsstrategien. Insbesondere ist der Ansatz darauf ausgelegt, die Konsistenz der RBAC-Modelle sowohl zur Entwurfszeit als auch zur Laufzeit sicherzustellen. Basierend auf einem formalen Metamodell wird zudem eine UML-Erweiterung für die Delegation von Rollen, Aufgaben und Pflichten vorgestellt. Diese UML-Erweiterung kann einerseits gemeinsam mit bereits bestehenden UML-Erweiterungen verwendet werden und demonstriert andererseits das prinzipielle Vorgehen zur Integration der neuen Modellkonstrukte in eine standardisierte Modellierungssprache. Zur Evaluierung der praktischen Anwendbarkeit des Ansatzes wurde eine Fallstudie an einem Realweltbeispiel durchgeführt. Weiterhin wurden alle vorgestellten Modellkonstrukte als Erweiterung der „BusinessActivity Library and Runtime Engine“ implementiert.AbstractIn the paper, an integrated approach for the modeling and enforcement of delegation policies in process-aware information systems is presented. In particular, a delegation extension for process-related role-based access control (RBAC) models is specified. The extension is generic in the sense that it can be used to extend process-aware information systems or process modeling languages with support for process-related RBAC delegation models. Moreover, the detection of delegation-related conflicts is discussed and a set of pre-defined resolution strategies for each potential conflict is provided. Thereby, the design-time and runtime consistency of corresponding RBAC delegation models can be ensured. Based on a formal metamodel, UML2 modeling support for the delegation of roles, tasks, and duties is provided. A corresponding case study evaluates the practical applicability of the approach with real-world business processes. Moreover, the approach is implemented as an extension to the BusinessActivity library and runtime engine.
- KonferenzbeitragScenario-based component testing using embedded metadata(Testing of component-based systems and software quality, 2004) Strembeck, Mark; Zdun, UweWe present an approach for the use case and scenario-based testing of software components. Use cases and scenarios are applied to describe the functional requirements of a software system. In our approach, a test is defined as a formalized and executable description of a scenario. Tests are derived from use case scenarios via continuous refinement. The use case and test information can be associated with a software component as embedded component metadata. In particular, our approach provides a model-based mapping of use cases and scenarios to test cases, as well as (runtime) traceability of these links. Moreover, we describe an implementation-level test framework that can be integrated with many different programming languages.
- ZeitschriftenartikelTowards a Comprehensive Complexity Assessment of RBAC Models.(EMISA Forum: Vol. 34, No. 2, 2014) Prescher, Johannes; Schefer-Wenzl, Siegfried; Baumgrass, Anne; Strembeck, Mark; Mendling, Jan
- KonferenzbeitragA UML extension for modeling break-glass policies(EMISA 2012 – Der Mensch im Zentrum der Modellierung, 2012) Schefer-Wenzl, Sigrid; Strembeck, MarkIn emergency situations, certain subjects sometimes have to perform important tasks although they are usually not authorized to perform these tasks. Break-glass policies have been introduced as a sophisticated exception handling mechanism to resolve such situations. They enable selected subjects to break or override the standard access control policies of an information system in a controlled manner. However, modeling support for break-glass policies is largely missing. In this paper, we present an approach to provide modeling support for break-glass policies in the context of process-related RBAC models. In particular, we provide a UML2 extension that allows for the integrated modeling of processes and break-glass policies. Additional constraints are formally specified via OCL. We also implemented our approach as an extension to the BusinessActivity library and runtime engine. The source code of our implementation is available for download.
- KonferenzbeitragUser Profile Refinement using explicit User Interest Modeling(Informatik 2007 – Informatik trifft Logistik – Band 1, 2007) Stermsek, Gerald; Strembeck, Mark; Neumann, GustafIn this paper, we present an approach to refine user profiles that were derived from Web server logs in an automated procedure. In most application scenarios, such automatically derived profiles can only deliver a preliminary result and require human interaction for further refinement. We describe the individual steps to enhance and refine derived user profiles which can be used for personalization purposes (e.g. information filtering). In particular, the user can choose to refine the profile manually or use supporting techniques, such as ontologies, that assist him in the refinement process. In addition to information included in automatically derived profiles, the user thus explicitly provides information to refine his profile.