Database security
Role-Based Access Control Models
Computer
Authentication, access control, and audit
ACM Computing Surveys (CSUR)
Privacy, information technology, and health care
Communications of the ACM
An extended Petri net model for supporting workflow in a multilevel secure environment
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A semantic-based execution model for multilevel secure workflows
Journal of Computer Security
Managing Workflow Authorization Constraints through Active Database Technology
Information Systems Frontiers
Supporting State-Wide Immunisation Tracking Using Multi-Paradigm Workflow Technology
VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
An Execution Model for Multilevel Seccure Workflows
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
An Authorization Model for Workflows
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
An Authorization Model and Its Formal Semantics
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
IntelliGEN: A Distributed Workflow System for Discovering Protein-Protein Interactions
Distributed and Parallel Databases
A Uniform Model for Authorization and Access Control in Enterprise Information Platform
EDCIS '02 Proceedings of the First International Conference on Engineering and Deployment of Cooperative Information Systems
Key research issues in grid workflow verification and validation
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Radiology interpretation process modeling
Journal of Biomedical Informatics
Access control in collaborative commerce
Decision Support Systems
Document access control in organisational workflows
International Journal of Information and Computer Security
Modeling Human Aspects of Business Processes --- A View-Based, Model-Driven Approach
ECMDA-FA '08 Proceedings of the 4th European conference on Model Driven Architecture: Foundations and Applications
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
Task-activity based access control for process collaboration environments
Computers in Industry
Architecture of context-aware workflow authorization management systems for workflow-based systems
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
A task-oriented access control model for WfMS
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Optimistic anonymous participation in inter-organizational workflow instances
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Medical equipment maintenance support with service-oriented multi-agent services
PRIMA'10 Proceedings of the 13th international conference on Principles and Practice of Multi-Agent Systems
On the Prevention of Fraud and Privacy Exposure in Process Information Flow
INFORMS Journal on Computing
Association-Based Active Access Control models with balanced scalability and flexibility
Computers in Industry
Information and Software Technology
Hi-index | 0.00 |
Workflow Management Systems (WfMSs) are used to support the modeling and coordinated execution of business processes within an organization or across organizational boundaries. Although some research efforts have addressed requirements for authorization and access control for workflow systems, little attention has been paid to the requirements as they apply to application data accessed or managed by WfMSs. In this paper, we discuss key access control requirements for application data in workflow applications using examples from the healthcare domain, introduce a classification of application data used in workflow systems by analyzing their sources, and then propose a comprehensive data authorization and access control mechanism for WfMSs. This involves four aspects: role, task, process instance-based user group, and data content. For implementation, a predicate-based access control method is used. We believe that the proposed model is applicable to workflow applications and WfMSs with diverse access control requirements.