Designing Role Hierarchies for Access Control in Workflow Systems
نویسندگان
چکیده
Due to the correspondence between the role abstraction in Role-based Access Control (RBAC) and the notion of organizational positions, it seems easy to construct role hierarchies. This is, however, a misconception. This paper argues that, in order to reflect the functional requirements, a role hierarchy becomes very complex. In a bid to simplify the design of role hierarchies suitable for the expression of access control requirements in workflow systems, the paper proposes a “typed” role hierarchy. In a “typed” role hierarchy a role is of a specific type. The associations between different types of roles are limited by rules that govern the construction of a role hierarchy. This paper proposes a methodology to systematically construct a “typed” role hierarchy. Since the “typed” nature of the role hierarchy is only relevant during the construction of the role hierarchy, it can seamlessly be integrated into existing RBAC schemes that support the concept of role hierarchies.
منابع مشابه
An Access Control Model for Workflows Offering Dynamic Features and Interoperability Ability
Workflow management systems (WFMS) are useful in designing and evolving processes such as business processes. Recently, workflow security has been recognized as important. Workflow security issues include network security, authentication, access control, and so on. Our research focuses on access control. This paper proposes a model WfRBAC (role-based access control within workflows) for workflo...
متن کاملA framework for Access Control in Workflow Systems
Workflow systems are often associated with Business Process Re-engineering (BPR). This paper argues that the functional access control requirements in workflow systems are rooted in the scope of a BPR project. A framework for access control in Workflow Systems is developed. The framework suggests that existing Role-based Access Control (RBAC) mechanisms can be used as a foundation in workflow s...
متن کاملNapoleon: A Recipe for Workflow
This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: simplified policy management and support for heterogeneous, distributed systems. We discuss our strategy for modeling workflow in Napoleon, and we pre...
متن کاملAuthorization and Access Control in Adaptive Workflows
In recent years we have witnessed the development of adaptive workflow management systems. These systems offer an extended set of features to support both ad-hoc and evolutionary changes, while ensuring correctness of process definition and their running instances. Ad-hoc and evolutionary changes impose new access control requirements, which have been neglected by adaptive workflow research and...
متن کاملFormal Analysis of Workflow Systems with Security Considerations
Workflow systems play an essential role in today’s enterprises by providing automatic manipulation of business processes. As an integral part of workflow systems, workflow security has received extensive attentions, within which role-based access control (RBAC) mechanism and separation of duty (SoD) constraints are important topics. RBAC is a natural mechanism to lighten the complexity of secur...
متن کامل