Graph-based delegation authorization in workflow

Authors:
Yonghe Wei
Affiliations:
R&D Center of CAD/CAM technology, Shenyang Ligong University, Shenyang, China
Venue:
CCDC'09 Proceedings of the 21st annual international conference on Chinese control and decision conference
Year:
2009

Citing 10
Cited 0

Handbook of graph grammars and computing by graph transformation: volume I. foundations

Handbook of graph grammars and computing by graph transformation: volume I. foundations
A Linear Time Algorithm for Deciding Subject Security

Journal of the ACM (JACM)
A graph-based formalism for RBAC

ACM Transactions on Information and System Security (TISSEC)
Describing Policies with Graph Constraints and Rules

ICGT '02 Proceedings of the First International Conference on Graph Transformation
Supporting conditional delegation in secure workflow management systems

Proceedings of the tenth ACM symposium on Access control models and technologies
A fine-grained, controllable, user-to-user delegation method in RBAC

Proceedings of the tenth ACM symposium on Access control models and technologies
DW-RBAC: A formal security model of delegation and revocation in workflow systems

Information Systems
Visual specifications of policies and their verification

FASE'03 Proceedings of the 6th international conference on Fundamental approaches to software engineering
Delegation in role-based access control

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Implementing authorization delegations using graph

DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Using graph transformation as a formalism to specify access control has several advantages, from the intuition provided by the visual aspect to the precise semantics and the systematic verification of constraints. Graph Transformations provide a uniform and precise framework for the specification of access control policies. After reviewing the basic notations of graph transformation, this article presents specification formalisms for workflow delegation policies using graph transformation. The authorization states are represented by graphs and state transition by graph transformation. The proposed formalization provides an intuitive description for the manipulation of graph structures as they occur in workflow delegation and a precise specification of consistency conditions on graphs and graph transformations. We specifies a type graph to represents the type information in the graph transformation for workflow delegation, a set of rules to build the system states and sets of positive and negative constraints to specify wanted and unwanted framework.