An overview of workflow management: from process modeling to workflow automation infrastructure
Distributed and Parallel Databases - Special issue on software support for work flow management
Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The WASA2 object-oriented workflow management system
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
A semantic-based execution model for multilevel secure workflows
Journal of Computer Security
A ticket-based access control architecture for object systems
Journal of Computer Security
About the Enforcement of State Dependent Specifications
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
An Integration Model of Role-Based Access Control and Activity Based Access Control Using Task
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Requirements for secure logging of decentralized cross-organizational workflow executions
OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems
Optimistic anonymous participation in inter-organizational workflow instances
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Hi-index | 0.00 |
Distributed systems consist of many different objects, participating in distributed activity sequences. We present a system for state-dependent security decisions (SDSD), which can be used to specify and to enforce sets of allowed activity sequences. A specification is expressed as a protocol, which defines such a set as a regular language. The protocol is transformed into a finite automaton. Instantiated copies of the automaton are deployed by the actually participating objects, each of which has been wrapped by the SDSD-system with a security object. Knowing the automaton and based on additional control messages, the security objects can locally decide, whether a requested action is allowed or not. A running prototype implementing the SDSD-system is described, and its full integration into CORBA is outlined.