An Access Control Model of Workflow System Integrating RBAC and TBAC
نویسندگان
چکیده
Basing on the integration of two models, RBAC and TBAC, an access control model called Role-Task Based Access Control (R&TBAC) is given, which takes two parts as combining sites, one is the role and trustee, the other is the role permission assignment and trustee permissions. A set of fundamental conceptions, a series of authorization processes, a formalized description and some modeling tools about this model are given. This model has both intuitionistic and dynamic characteristics. It also has some other advantages, such as economical for memory space, convenient to maintain and control etc.
منابع مشابه
Task - and - role - based access - control model for computational grid ∗
Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملW-RBAC - A Workflow Security Model Incorporating Controlled Overriding of Constraints
This paper presents a pair of role-based access control models for workflow systems, collectively known as the W-RBAC models. The first of these models, W0-RBAC is based on a framework that couples a powerful RBAC-based permission service and a workflow component with clear separation of concerns for ease of administration of authorizations. The permission service is the focus of the work, prov...
متن کاملDesign of an Integrated Role-Based Access Control Infrastructure for Adaptive Workflow Systems
With increasing numbers of organizations automating their business processes by using workflow systems, security aspects of workflow systems has become a heavily researched area. Also, most workflow processes nowadays need to be adaptive, i.e., constantly changing, to meet changing business conditions. However, little attention has been paid to integrating Security and Adaptive Workflow. In thi...
متن کامل