Security Management in the presence of delegation and revocation in workflow systems
نویسندگان
چکیده
This paper extends the RBAC model to deal with permission in a workflow management system. The extended model allows for dynamic constraints on instances of processes. We also extend the model so that delegations from an user to another user, and revocations of such delegations are dealt with. We also discuss the issues on delegations from a user to a group of users.
منابع مشابه
DW-RBAC: A formal security model of delegation and revocation in workflow systems
One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current RBAC model is a security mechanism to implement access control in organizations by allowing users to be assigned to roles and privileges to be ass...
متن کاملA Workflow Instance-based Model-checking Approach to Analysing Organisational Controls in a Loan Origination Process1
Demonstrating the safety of a system (ie. avoiding the undesired propagation of access rights or indirect access through some other granted resource) is one of the goals of access control research, e.g. [1-4]. However, the flexibility required from enterprise resource management (ERP) systems may require the implementation of seemingly contradictory requirements (e.g. tight access control but a...
متن کاملAn Event Driven Hybrid Identity Management Approach to Privacy Enhanced e-Health
Credential-based authorization offers interesting advantages for ubiquitous scenarios involving limited devices such as sensors and personal mobile equipment: the verification can be done locally; it offers a more reduced computational cost than its competitors for issuing, storing, and verification; and it naturally supports rights delegation. The main drawback is the revocation of rights. Rev...
متن کاملTowards Secure Delegation with Chinese Wall Security Policy (CWSP)
Chinese Wall Security Policy (CWSP) is a widely applied access control policy in many fields, especially in commercial world. Delegation is one of the hot topics of access control technologies. Delegation with CWSP means delegation must satisfy not only delegation constrains but CWSP as well. There exist many delegation models, such as RBDM, RDM2000 and PBDM et al, but few focus on it. This pap...
متن کاملThe Delegation Authorization Model: A Model For The Dynamic Delegation Of Authorization Rights In A Secure Workflow Management System
A workflow is a coordinated arrangement of related tasks in an automated process, the systematic execution of which, ultimately achieves some goal. Tasks that comprise the workflow process are typically dependent on one another. Security, in a workflow context, involves the implementation of access control security mechanisms to ensure that task dependencies are coordinated and that tasks are p...
متن کامل