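% Workshop paper on authorization constraints for workflows with loops:
% constraints (cardinality and interval, including Separation of Duty) are
% scoped to task instances through "release". The paper also extends BPMN to
% visualize the constraints.
% NOTE(review): no LNCS volume or page range is recorded in this entry; add them when known.
@InProceedings{ burri.ea:flexible:2011,
  abstract  = {Real-life business process specifications include situations where work may be repeated due to exceptions such as the lack of resources or failed approvals. However, most authorization constraint models for business processes describe them as partially ordered sets of tasks. This abstraction simplifies the analysis of constraints greatly but prevents their use in real systems because control flows with loops are not supported. To overcome this limitation, we scope authorization constraints to task instances using the concept of release, which removes associations between users and their previously executed tasks. We define a model applying releases to cardinality and interval constraints, such as Separation of Duty (SoD). The latter is based on the notion of intervals defined by pairs of tasks and imposing conditions on the users executing them. We extend BPMN to visualize our constraints, bridging the gap between IT and business people as well as to auditors.},
  address   = {Clermont-Ferrand, France},
  author    = {Burri, Samuel J. and Karjoth, Guenter},
  booktitle = {1st BPM Workshop on Workflow Security Audit and Certification (WfSAC '11)},
  language  = {USenglish},
  month     = aug,
  pdf       = {papers/2011/wfsac-release-pre.pdf},
  publisher = {Springer},
  series    = {LNCS},
  title     = {Flexible Scoping of Authorization Constraints on Workflows with Loops and Parallelism},
  year      = 2011,
  user      = {burrisa}
}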