The definition and management of user privileges (e.g., to control the access to business documents and database objects, or to resolve the set of actors that qualify for a newly activated task in a process-aware information system) is an important task within any information systems. Often Role Based Access Control (RBAC) mechanisms are used to specify such user privileges as access rules based on organizational models.

While many approaches address access control in information systems, only little research effort has been spent on the evolution of organizational models and access rules. However, organizational structures are frequently subject to change (e.g., when streamlining organizations, restructuring human resources, etc.) as illustrated by Fig. 1.

Thus, in the CEOSIS project, we address research questions related to evolution of organizational structures. Specifically,  we provide change frameworks for organizational models and access rules but also analyze the side effects of such changes (e.g., the effects of changing access rules on user worklists). Additionally, we deal with the whole lifecycle of access rules, including the phases depicted in Fig. 2.