Authorization and Access Control of Application Data in Workflow Systems
Journal of Intelligent Information Systems - Special issue: A survey of research questions for intelligent information systems in education
State-dependent security decisions for distributed object-systems
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
AGENT WORK: a workflow system supporting rule-based workflow adaptation
Data & Knowledge Engineering
Document access control in organisational workflows
International Journal of Information and Computer Security
Securing Workflows with XACML, RDF and BPEL
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
An integrated model for access control and information flow requirements
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Expert Systems with Applications: An International Journal
Consolidating the access control of composite applications and workflows
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
An information flow control meta-model
Proceedings of the 18th ACM symposium on Access control models and technologies
Information and Software Technology
Hi-index | 0.00 |
Workflow management systems (WFMS) support the modeling andcoordinated execution of processes within an organization. Tocoordinate the execution of the various activities (or tasks) in aworkflow, task dependencies are specified among them. As advancesin workflow management take place, they are also required tosupport security. In a multilevel secure (MLS) workflow, tasks maybelong to different security levels. Ensuring the dependencies fromthe tasks at higher security levels to those at lower securitylevels (high-to-low dependencies) may compromise security. In thispaper, we consider such MLS workflows and show how they can beexecuted in a secure and correct manner. Our approach is based onsemantic classification of the task dependencies that examines thesource of the task dependencies. We classify the high-to-lowdependencies in several ways: conflicting versusconflict-free, result-independent versus result-dependent, strongversus weak, and abortive versus non-abortive. We proposealgorithms to automatically redesign the workflow and demonstratethat only a small subset among all the types of high-to-lowdependencies requires to be executed by trusted subjects and allother types can be executed without compromising security. The solutions proposed in this paper are directly applicable toanother relevant area of research - execution of multileveltransactions in multilevel secure databases since the atomicityrequirements and other semantic requirements can be modeled as aworkflow. When compared to the research in this area, our work (1)is more general in the sense that it can model several other typesof dependencies thereby allowing one to specify relaxed atomicityrequirements and (2) is capable of automatically redesigning aworkflow without requiring any human intervention by eliminatingsome cycles among task dependencies, which helps to attain higherdegree of atomicity.