SOWAC: a service-oriented workflow access control model

Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004. Pub Date : 2004-09-28 DOI:10.1109/CMPSAC.2004.1342816

W. Xu, Jun Wei, Yu Liu, Jing Li

{"title":"SOWAC: a service-oriented workflow access control model","authors":"W. Xu, Jun Wei, Yu Liu, Jing Li","doi":"10.1109/CMPSAC.2004.1342816","DOIUrl":null,"url":null,"abstract":"Workflow access control is the fundamental issue in workflow security. With the development of enterprise globalization and the constant re-engineering and optimizing of enterprise business, the organization becomes more dynamic and its business process is frequently changing. As a result, workflow access control turns more complicated and entails a comparatively operational mechanism. To solve the problem, in view of decoupling workflow access control model from workflow model, we propose a service-oriented workflow access control (SOWAC) model in this paper. In the SOWAC model, service is the abstraction of a task and the unit for applying access control. We present the elements of the SOWAC model and illustrate the enforcement of SOWAC with an example workflow. Then the dynamic separation of duty for the SOWAC model is proposed based on the authorization history of services. By applying SOWAC in a real workflow management system, we show that the SOWAC model is practical and effective.","PeriodicalId":355273,"journal":{"name":"Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004.","volume":"80 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPSAC.2004.1342816","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

Abstract

Workflow access control is the fundamental issue in workflow security. With the development of enterprise globalization and the constant re-engineering and optimizing of enterprise business, the organization becomes more dynamic and its business process is frequently changing. As a result, workflow access control turns more complicated and entails a comparatively operational mechanism. To solve the problem, in view of decoupling workflow access control model from workflow model, we propose a service-oriented workflow access control (SOWAC) model in this paper. In the SOWAC model, service is the abstraction of a task and the unit for applying access control. We present the elements of the SOWAC model and illustrate the enforcement of SOWAC with an example workflow. Then the dynamic separation of duty for the SOWAC model is proposed based on the authorization history of services. By applying SOWAC in a real workflow management system, we show that the SOWAC model is practical and effective.

查看原文本刊更多论文

SOWAC:面向服务的工作流访问控制模型

工作流访问控制是工作流安全的基本问题。随着企业全球化的发展和企业业务的不断重组和优化，组织的动态性越来越强，业务流程也在不断变化。因此，工作流访问控制变得更加复杂，需要一个相对可操作的机制。为了解决这一问题，从工作流访问控制模型与工作流模型解耦的角度出发，提出了一种面向服务的工作流访问控制(SOWAC)模型。在SOWAC模型中，服务是任务的抽象，是应用访问控制的单元。我们介绍了SOWAC模型的元素，并通过一个示例工作流说明了SOWAC的实施。然后基于服务的授权历史，提出了SOWAC模型的动态职责分离。通过在实际工作流管理系统中的应用，验证了SOWAC模型的实用性和有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004.

自引率

0.00%

发文量