Journal of Northeastern University(Natural Science)

Journal of Northeastern University ›› 2008, Vol. 29 ›› Issue (3): 387-390+432.DOI: -

• OriginalPaper • Previous Articles     Next Articles

An access control model for task-oriented workflow

Wei, Yong-He (1); Wang, Cheng-En (2); Shu, Qi-Lin (2); Ma, Ming-Xu (2)   

  1. (1) School of Mechanical Engineering and Automation, Northeastern University, Shenyang 110004, China; (2) Key Laboratory of Integrated Automation of Process Industry, Northeastern University, Shenyang 110004, China
  • Received:2013-06-22 Revised:2013-06-22 Online:2008-03-15 Published:2013-06-22
  • Contact: Wei, Y.-H.
  • About author:-
  • Supported by:
    -

RichHTML

0

PDF (PC)

602

Abstract: Analyzing what are required for the access control of workflow, an access control model for task-oriented workflow is put forward, in which the idea of authorized task in order to separate the relation between roles and permissions. An authorization task is introduced to make the executive roles in no relation to authority, where the authority least approved to execute a task and the role assigned to execute the task are both the attributes of task authorization. The model also defines the conflict relationship between different tasks, then gives the dynamic constraint rules on the authorization to ensure and enforce the implementation of security strategies. In this model, the authorization flow is synchronized with workflow so as to meet the access control s requirements of dynamic authorization, authority least approved and separation of responsibility from duty. Differing from existing models, in the proposed model the separation of authority from executive role cancels the coupling of organizational model with workflow model.

CLC Number: