The need for 'role engineering' becomes evident once a decision has been made to adopt role-based access control (RBAC) to enforce access control in a computer system. Role engineering is the process of defining roles, permissions, and role hierarchies, and is therefore a critical step in deploying any RBAC-oriented system. The question is even more crucial for workflow management systems: in addition to role engineering, a 'task engineering' process may be needed so that access control constraints can be satisfied even in critical situations. In this paper, we propose a task engineering approach to improve access control enforcement in workflow management systems. By task engineering, we mean the process of examining the granularity of each workflow task so that the main access control requirements, specifically the least privilege and separation of duties principles, can be met at run time. This approach uses the constraint satisfaction problem (CSP) formulation and resolution method.