A Petri net based safety analysis of workflow authorization models^1

Authors:
Vijayalakshmi Atluri;Wei-Kuang Huang
Affiliations:
(Correspd.) MSIS Department and Center for Information Management, Integration and Connectivity, Rutgers University, Newark, NJ 07102, USA&semi/ E-mail&colon/ atluri@andromeda.rutgers.edu;Department of Operation and Information Management, University of Connecticut, Storrs, CT 06269-2041, USA&semi/ E-mail&colon/ whuang@sba.uconn.edu
Venue:
Journal of Computer Security
Year:
2000

Citing 0
Cited 12

SecureFlow: a secure Web-enabled workflow management system

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
A logical framework for reasoning about access control models

ACM Transactions on Information and System Security (TISSEC)
Modeling E -service Orchestration through Petri Nets

TES '02 Proceedings of the Third International Workshop on Technologies for E-Services
An XML-based process definition language for integrated process management

Computers in Industry
Modeling and Analyzing of Workflow Authorization Management

Journal of Network and Systems Management
IPM-EPDL: an XML-based executable process definition language

Computers in Industry
DW-RBAC: A formal security model of delegation and revocation in workflow systems

Information Systems
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time

International Journal of Information and Computer Security
A policy-based authorization model for workflow-enabled dynamic process management

Journal of Network and Computer Applications
IPM-EPDL: an XML-based executable process definition language

Computers in Industry
Modeling and analyzing the impact of authorization on workflow executions

Future Generation Computer Systems
Association-Based Active Access Control models with balanced scalability and flexibility

Computers in Industry

Quantified Score

Hi-index	0.00

Visualization

Abstract

Workflow Management Systems (WFMS) are being widely used today by organizations to coordinate the execution of various applications representing their day-to-day tasks. To ensure that these tasks are executed by authorized users or processes (subjects), and to make sure that authorized subjects gain access on the required objects only during the execution of the specific task, granting and revoking of privileges need to be synchronized with the progression of the workflow through proper authorization mechanisms. Recently, Atluri and Huang have proposed a workflow authorization model (WAM) that provides such synchronization. This paper, first extends WAM to support roles and authorization constraints such as separation of duties. Second, it develops methodologies to analyze the safety of workflow authorization model when authorization constraints are imposed. The analysis is carried out by modeling WAM as a suitable Petri net (PN) and by utilizing the well-established analysis techniques of PNs.