Role-Based Access Control Models
Computer
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
An authorization model for a public key management service
ACM Transactions on Information and System Security (TISSEC)
Authorization and Access Control of Application Data in Workflow Systems
Journal of Intelligent Information Systems - Special issue: A survey of research questions for intelligent information systems in education
Managing Workflow Authorization Constraints through Active Database Technology
Information Systems Frontiers
Administration Policies in a Multipolicy Autorization System
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
The rcl 2000 language for specifying role-based authorization constraints
The rcl 2000 language for specifying role-based authorization constraints
Unified support for heterogeneous security policies in distributed systems
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Collaborative business and data privacy: toward a cyber-control?
Computers in Industry - Special issue: The digital factory: an instrument of the present and the future
A security policy framework for context-aware and user preferences in e-services
Journal of Systems Architecture: the EUROMICRO Journal
Collaborative business and data privacy: Toward a cyber-control?
Computers in Industry - Special issue: The digital factory: an instrument of the present and the future
| Hi-index | 0.00 |
Enterprise information platform (EIP) is an enterprise model-based platform, aiming at model-driven enterprise design, analysis and evaluation. Its one role is to build up a framework for the easy integration of different systems representing the processes, structures, activities, goals and information, etc of businesses, governments or other enterprises. The topic of this paper is not data integration or application integration of EIP, but integration of authorization. This paper focuses on integration of authorizations of workflow management system and resource management system of EIP. Workflow management and resource management of current EIPs usually have their own models of authorization and access control. This type of separate authorization and access control mechanism causes many security problems. Previous studies focus on each authorization system individually, but the integration of them has hardly been deeply discussed. Here the paper presents a unified authorization and access control model, so as to represent the privileges authorized by different systems in the same format, and to avoid conflicts and other security problems as the consequence.