A Context-sensitive Access Control Model for Workflow System

WANG Xiao-Ming
DOI: https://doi.org/10.3969/j.issn.1002-137X.2006.12.027
2006-01-01
Computer Science
Abstract:Access control is an important mechanism for enhancing workflow system security, Role-based access control model (RBAC)is used in the most of workflow systems, and it has become a research topic in the area of workflow. However, in the existing role-based access control models, the influence produced by workflow context and task histories to authorization security is not token into account, redundant properties for running workflow tasks are produced easily, and the policies of separation of duties are not effectively supported. In this paper, a context-related access control model for workflow system is proposed, named as WfCAC. Firstly, the elements and architecture of this model are defined, respectively. Secondly, the mechanisms for achieving the policies of separation of duties and access control mechanism are discussed. Finally, the properties of this model are analyzed. WfCAC model supports the policy of the user group with hierarchy structure, the context-sensitive access control of workflow, the minimizing authorization policies and the policies of separation of duties, respectively.
What problem does this paper attempt to address?