TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
An Authorization Model for Workflows
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Improving Flexibility of Workflow Management Systems
Business Process Management, Models, Techniques, and Empirical Studies
Correctness criteria for dynamic changes in workflow systems: a survey
Data & Knowledge Engineering - Special issue: Advances in business process management
SOWAC: A Service-Oriented Workflow Access Control Model
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Role-based authorizations for workflow systems in support of task-based separation of duty
Journal of Systems and Software
Efficient Handling of Changes in Dynamic Workflow Systems
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
Hi-index | 0.00 |
Security issues pertaining to workflow systems are becoming increasingly important for the cross-enterprises interoperability in insecure environments. Among them, access control for information confidentiality and integrity has attracted widespread attention. However, in the context of the contemporary dynamic business environment, the traditional workflow authorization model (WAM) faces limitations in handling the consequences of dynamic workflow changes and exceptions, since it focuses primarily on the synchronization of authorization flow by using authorization templates (ATs). In this paper, we propose a flexible access control with dynamic checking features for handling workflow changes and exceptions. Extended temporal role-based access control and flexible workflow authorization template are adopted in order to further enhance the traditional AT, thereby ensuring information confidentiality and integrity. Additionally, a case study applying the proposed model to uEngine, an open source workflow management system, is presented.