SOWAC: A Service-Oriented Workflow Access Control Model

Authors:
Wei Xu;Jun Wei;Yu Liu;Jing Li
Affiliations:
Chinese Academy of Sciences;Chinese Academy of Sciences;Chinese Academy of Sciences;Chinese Academy of Sciences
Venue:
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Year:
2004

Citing 6
Cited 2

Role-Based Access Control Models

Computer
The specification and enforcement of authorization constraints in workflow management systems

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Analyzing Separation of Duties in Petri Net Workflows

MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
Issues in Document Security Enforcement for Activity Execution in CapBasED-AMS

ICOIN '98 Proceedings of the 13th International Conference on Information Networking
Secure role-based workflow models

Das'01 Proceedings of the fifteenth annual working conference on Database and application security

BPEL4RBAC: An Authorisation Specification for WS-BPEL

WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
A Flexible Access Control Model for Dynamic Workflow Using Extended WAM and RBAC

Computer Supported Cooperative Work in Design IV

Quantified Score

Hi-index	0.00

Visualization

Abstract

Workflow access control is the fundamental issue in workflow security. With the development of enterprise globalization and the constant re-engineering and optimizing of enterprise business, the organization becomes more dynamic and its business process is frequently changing. As a result, workflow access control turns more complicated and entails a comparatively operational mechanism. To solve the problem, in view of decoupling workflow access control model from workflow model, we propose a Service-Oriented Workflow Access Control (SOWAC) model in this paper. In SOWAC model, service is the abstraction of a task and the unit for applying access control. We present the elements of SOWAC model and illustrate the enforcement of SOWAC with an example workflow. Then the dynamic separation of duty for SOWAC model is proposed based on the authorization history of services. By applying SOWAC in a real workflow management system, we show SOWAC model is practical and effectual.