@InProceedings{	  basin.ea:separation:2011,
  abstract	= {We introduce the concept of Separation of Duties (SoD) as
		  a Service, an approach to enforcing SoD requirements on
		  work ows and thereby preventing fraud and errors. SoD as a
		  Service facilitates a separation of concern between
		  business experts and security professionals. Moreover, it
		  allows enterprises to address the need for internal
		  controls and to quickly adapt to organizational,
		  regulatory, and technological changes. In this paper, we
		  describe an implementation of SoD as a Service, which
		  extends a widely used, commercial workflow system, and
		  discuss its performance. We present a drug dispensation
		  workflow deployed in a hospital as case study to
		  demonstrate the feasibility and bene ts of our
		  proof-of-concept implementation.},
  address	= {Hong Kong, China},
  author	= {David Basin and Samuel J. Burri and Guenter Karjoth},
  booktitle	= {ACM Symposium on Information, Computer and Communications
		  Security (ASIACCS '11')},
  language	= {USenglish},
  month		= 03,
  pdf		= {papers/2011/asiaccs2011-preview.pdf},
  publisher	= {ACM},
  title		= {Separation of Duties as a Service},
  year		= 2011
}