Authorization and Access Control of Application Data in Workflow Systems

Authors:
Shengli Wu;Amit Sheth;John Miller;Zongwei Luo
Affiliations:
The University of Strathclyde, Glasgow, Scotland G1 1XH. shengli@cs.strath.ac.uk http://Isdis.cs.uga.edu;LSDIS Lab, University of Georgia, Athens, GA 30602, USA. amit@cs.uga.edu;LSDIS Lab, University of Georgia, Athens, GA 30602, USA. jam@cs.uga.edu;IBM T.J. Watson Research Center, Yorktown Heights, NY 10598, USA. zongwei@us.ibm.com
Venue:
Journal of Intelligent Information Systems - Special issue: A survey of research questions for intelligent information systems in education
Year:
2002

Citing 13
Cited 16

Database security

Database security
Role-Based Access Control Models

Computer
Authentication, access control, and audit

ACM Computing Surveys (CSUR)
Privacy, information technology, and health care

Communications of the ACM
An extended Petri net model for supporting workflow in a multilevel secure environment

Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
The specification and enforcement of authorization constraints in workflow management systems

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A semantic-based execution model for multilevel secure workflows

Journal of Computer Security
Managing Workflow Authorization Constraints through Active Database Technology

Information Systems Frontiers
Supporting State-Wide Immunisation Tracking Using Multi-Paradigm Workflow Technology

VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
An Execution Model for Multilevel Seccure Workflows

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
An Authorization Model for Workflows

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Secure Workflow Environment

WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
An Authorization Model and Its Formal Semantics

ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security

IntelliGEN: A Distributed Workflow System for Discovering Protein-Protein Interactions

Distributed and Parallel Databases
A Uniform Model for Authorization and Access Control in Enterprise Information Platform

EDCIS '02 Proceedings of the First International Conference on Engineering and Deployment of Cooperative Information Systems
Key research issues in grid workflow verification and validation

ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Radiology interpretation process modeling

Journal of Biomedical Informatics
Access control in collaborative commerce

Decision Support Systems
Document access control in organisational workflows

International Journal of Information and Computer Security
Modeling Human Aspects of Business Processes --- A View-Based, Model-Driven Approach

ECMDA-FA '08 Proceedings of the 4th European conference on Model Driven Architecture: Foundations and Applications
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time

International Journal of Information and Computer Security
Task-activity based access control for process collaboration environments

Computers in Industry
Architecture of context-aware workflow authorization management systems for workflow-based systems

APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
A task-oriented access control model for WfMS

ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Optimistic anonymous participation in inter-organizational workflow instances

ICISS'06 Proceedings of the Second international conference on Information Systems Security
Medical equipment maintenance support with service-oriented multi-agent services

PRIMA'10 Proceedings of the 13th international conference on Principles and Practice of Multi-Agent Systems
On the Prevention of Fraud and Privacy Exposure in Process Information Flow

INFORMS Journal on Computing
Association-Based Active Access Control models with balanced scalability and flexibility

Computers in Industry
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Workflow Management Systems (WfMSs) are used to support the modeling and coordinated execution of business processes within an organization or across organizational boundaries. Although some research efforts have addressed requirements for authorization and access control for workflow systems, little attention has been paid to the requirements as they apply to application data accessed or managed by WfMSs. In this paper, we discuss key access control requirements for application data in workflow applications using examples from the healthcare domain, introduce a classification of application data used in workflow systems by analyzing their sources, and then propose a comprehensive data authorization and access control mechanism for WfMSs. This involves four aspects: role, task, process instance-based user group, and data content. For implementation, a predicate-based access control method is used. We believe that the proposed model is applicable to workflow applications and WfMSs with diverse access control requirements.