Last modified: September, 2011



Samuel J. Burri
 IBM Research GmbH
Säumerstrasse 4
8803 Rüschlikon
Switzerland

phone: +41 44 724 84 67
fax: +41 44 724 89 53
email: sbu [at] zurich.ibm.com
linkedin: http://ch.linkedin.com/in/samuelburri

I am a predoctoral researcher in the Security group at IBM Research - Zurich and supervised by Dr. Günter Karjoth. Furthermore, I am a PhD student in the Information Security group, chaired by Prof. David Basin, at ETH Zürich.


Research Interests
 My research interests include the formal modeling and analysis of authorization constraints in business processes.

Activities
 I was involved in the research project MASTER, which is funded under the 7th Research Framework Programme by the European Union.

Student projects
 I have recently superviced the master thesis project Tool support for modeling authorization constraints in business processes: BPMN is a popular, visual language for modeling business processes, a.k.a. workflows. In this master thesis project, we plan to extend BPMN to model authorization constraints for workflows. First, we extend BPMN's metamodel and XML-serialization to support authorization constraints. Second, adapt an existing workflow modeling tool to facilitate the design of BPMN workflows that include our constraints. The project combines theoretical and applied challenges. Find more information in the project proposal.

Publications

  • S.J. Burri and G. Karjoth.
    Flexible Scoping of Authorization Constraints on Workflows with Loops and Parallelism.
    To appear in Proc. of the 1st BPM Workshop on Workflow Security Audit and Certification (WfSAC '11), Clermont-Ferrand, France, August 29, 2011.

  • D. Basin, S.J. Burri and G. Karjoth.
    Obstruction-free Authorization Enforcement: Aligning Security and Business Objectives.
    In Proc. of the 24th IEEE Computer Security Foundations Symposium (CSF '11'), Abbaye des Vaux de Cernay, France, July 27-29, 2011.
    PDF | Slides | BibTeX | Publisher | DBLP

  • D. Basin, S.J. Burri and G. Karjoth.
    Separation of Duties as a Service.
    In Proc. of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS '11'), Hong Kong, China, March 22-24, 2011.
    PDF | Slides | BibTeX | Publisher | DBLP (not yet available)

  • D. Basin, S.J. Burri and G. Karjoth.
    Dynamic Enforcement of Abstract Separation of Duty Constraints.
    In Proc. of the 14th European Symposium on Research in Computer Security (ESORICS '09), Saint Malo, France, September 21-25, 2009.
    PDF | Slides | BibTeX | Publisher | DBLP



Samuel J. Burri, IBM doesn't necessarily share my personal opinions stated on this page.