Information and Software Technology
Workflow Management Systems (WFMSs) are becoming very popular and are being used to support many of the day-to-day workflows in large organizations. One of the major problems with workflow management systems is that they often use heterogeneous and distributed hardware and software systems to execute a given workflow. This gives rise to decentralized security policies and mechanisms that need to be managed. Since security is an essential and integral part of workflows, the workflow management system has to manage and execute the workflows in a secure way. The prolific use of workflow management systems for critical and strategic applications gives rise to a major concern regarding threats against integrity, authorization, and availability. In this paper, we propose an authorization model with a set of invariants for workflows from the aspects of agents, events, and data, and prove that if the invariants hold, the workflow execution is secure. Further, we develop the authorization model using a multi-layered state machine. The novel part of this model is that it separates the various aspects of control in a workflow and portrays them as a multi-layered architecture for analyzing the flow of authorizations.