An overview of workflow management: from process modeling to workflow automation infrastructure
Distributed and Parallel Databases - Special issue on software support for work flow management
Role-Based Access Control Models
Computer
Coloured Petri nets (2nd ed.): basic concepts, analysis methods and practical use: volume 1
Coloured Petri nets (2nd ed.): basic concepts, analysis methods and practical use: volume 1
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Modeling and Analysis of Workflows Using Petri Nets
Journal of Intelligent Information Systems - Special issue on workflow management systems
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Modeling and analyzing separation of duties in workflow environments
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
An Authorization Model for Workflows
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
An Adaptive Policy-Based Framework for Network Services Management
Journal of Network and Systems Management
A Petri net based safety analysis of workflow authorization models^1
Journal of Computer Security
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Transactions on Computational Science IV
Information and Software Technology
Hi-index | 0.00 |
The administration of authorizations in an organization is a complex task. To ensure that tasks constituting the business processes are performed by authorized users, a proper authorization mechanism is required. Alturi and Huang have proposed a workflow authorization model and presented a color-timed Petri net based representation of their model. In this paper, we extend their model by using the colored Petri net formalism to model authorization management, security constraints like separation of duties, and role hierarchy in an elegant way to establish an integrated authorization management model. One of the great advantages of using Petri net formalism for system modeling is its strong mathematical foundation and the availability of a rich set of analysis techniques. Therefore, we will show in this paper the use of linear algebraic technique to analyze the reachable authorization states, and coverability graph to calculate the valid execution chains against the colored Petri net based workflow authorization management model.