Role-Based Access Control Models
Computer
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Analyzing Separation of Duties in Petri Net Workflows
MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
Issues in Document Security Enforcement for Activity Execution in CapBasED-AMS
ICOIN '98 Proceedings of the 13th International Conference on Information Networking
Secure role-based workflow models
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
BPEL4RBAC: An Authorisation Specification for WS-BPEL
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
A Flexible Access Control Model for Dynamic Workflow Using Extended WAM and RBAC
Computer Supported Cooperative Work in Design IV
Hi-index | 0.00 |
Workflow access control is the fundamental issue in workflow security. With the development of enterprise globalization and the constant re-engineering and optimizing of enterprise business, the organization becomes more dynamic and its business process is frequently changing. As a result, workflow access control turns more complicated and entails a comparatively operational mechanism. To solve the problem, in view of decoupling workflow access control model from workflow model, we propose a Service-Oriented Workflow Access Control (SOWAC) model in this paper. In SOWAC model, service is the abstraction of a task and the unit for applying access control. We present the elements of SOWAC model and illustrate the enforcement of SOWAC with an example workflow. Then the dynamic separation of duty for SOWAC model is proposed based on the authorization history of services. By applying SOWAC in a real workflow management system, we show SOWAC model is practical and effectual.