Workflow authorizations evaluation in multi-layered applications

摘要

There is provided a computer-implemented method, computer-program product, system and security index structure for a security enforcement strategy for a composite application. The method comprises providing a workflow for the composite application, wherein the composite application is constructed from a set of sub-applications and wherein at least a plurality of the sub-applications has a policy. A consolidated workflow policy is generated for the workflow by combining the policies of the sub-applications and by taking into account a control flow of the workflow, wherein the control flow provides an order in which the set of sub-applications are performed. The consolidated workflow policy is enforced by providing a security index structure for the consolidated workflow policy adapted for checking authorization in the workflow.